Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

NAT question

Posted on 2014-12-17
6
Medium Priority
?
99 Views
Last Modified: 2015-01-06
How do I do a IP address translation from one IP to the other? for ex. in my case, i will be doing an inside ip address of a router that will be translated into another local ip address.
0
Comment
Question by:Shark Attack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 5

Expert Comment

by:jkeegan123
ID: 40505383
When you NAT, there is always a device that will be doing the NAT.  Traffic is sent to the device (typically a default gateway) and traffic LEAVES the device translated with a new header, and a NAT table is kept so that traffic can RETURN to the sending device.

If you want to NAT an INSIDE address to another INSIDE address, that could be slightly more complicated.  Can you please provide more details?

- Your segment has a router
- Your PC/device that needs to NAT is on the same subnet as the router
- You want to translate the device's IP to another IP ... what is that IP?  Is it another IP on the same subnet?

If you could give general answers so that we knew the WHY of what you were trying to do, this would make answering easy.

Thanks~!
0
 
LVL 3

Author Comment

by:Shark Attack
ID: 40505431
take a look at the atatched. asa is where Im at. going to the router via l2l tunnel. I need nat translate from 172.28.5.40 NAT'd to 192.168.10.9 which is the route to dms'z they installed. does that make sense?
map.pdf
0
 
LVL 5

Accepted Solution

by:
jkeegan123 earned 2000 total points
ID: 40505468
If you want to NAT before the VPN happens, and assuming that "interesting traffic" is already defined as source:192.168.10.9, then you'll need to setup a Policy-NAT to change traffic to this IP:

1. Setup a GLOBAL IP address of the IP that you want to translate to with a NAT ID.
2. Setup an access-list defining that traffic that you want to NAT (what source IP, what destination IP)
3. Setup a NAT statement to do the NAT using the NAT ID established in step 1

global (outside) 10 192.168.10.9
access-list policy-nat permit ip host 172.28.5.40 any
nat (inside) 10 access-list policy-nat

(2nd statement says that 172.28.5.40 will be NAT'd to 192.168.10.9 no matter WHAT the destination is).
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Author Comment

by:Shark Attack
ID: 40505493
im assumingthat there might be asa between the router and dsl modem there. when i show the show ip nat statistics/trans I dont get anything so Im assuming the asa does that, I do not have access to the ASA there. would it make more sense to do this on that router inside interface or on my asa?
0
 
LVL 5

Expert Comment

by:jkeegan123
ID: 40505590
what version of Cisco ASA software (show ver) are you running?
0
 
LVL 3

Author Comment

by:Shark Attack
ID: 40505594
ASA5520 8.2
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question