Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1425
Views
0
Helpful
3
Replies

NAT same IP

antonio.henriques
Level 1
Level 1

‎11-12-2019 04:25 PM

Hi

 

I have a "simple" problem that is killing my brain..

The problem..., I have a lab with many different brands and models of network equipment, mainly low/mid range routers.

What I'm trying to do is get a way to access all those equipments from the internet, or behind a single IP.

But there are some problems...

Those equipments must be in factory configuration state, so I will have many equipments with the same IP

Equipments will have no gateway...

 

What I made so far...

I have all those equipments connected to a switch, all landing in a different VLAN

This switch connects in a trunk interface to my internet router

My Internet router as one vlan interface for each vlan and each vlan interface as it's own vrf

I thought in using the wan port for choosing the equipment I want to connect to

 

For example:

Equipment 1 - IP 192.168.0.1, has telnet access, connect to the switch in vlan 100

Equipment 2 - IP 192.168.0.1, has telnet access, connect to the switch in vlan 200

 

The internet router

WAN IP is 100.0.0.1

Interface vlan 100, in VRF v100, with IP 192.168.0.200 255.255.255.0

Interface vlan 200, in VRF v200, with IP 192.168.0.200 255.255.255.0

 

My idea is to user wan port's for choosing what equipment I will connect to

For example telneting to 100.0.0.1 in port 10023, I would access to Equipment 1, or telneting to 100.0.0.1 in port 20023, I would access to Equipment 2

 

My main difficulty is to pass traffic from my WAN into the correct vrf depending on the port I connect

Other difficulty is when the traffic reaches the Equipment 1, it must have a source IP in the same network of that equipment, because the equipment's will not have gateways...

 

Any suggestion?

Labels:
0 Helpful
3 Replies 3

Oleg Volkov
Spotlight
Spotlight

‎11-12-2019 10:07 PM

Hello!

We may select other way, place all devices in single VLAN, then try to access to default IP from your gateway (Cisco for example), you will established telnet to some devices, which of devices You can detect by Mac or any inventory data. After this , change Ip and add gateway. And repeat it for next device.

If you have any ASA devices, You can simply configure source nat and multi context , and realize. Your idea.

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog
0 Helpful

antonio.henriques
Level 1
Level 1
In response to Oleg Volkov

‎11-13-2019 12:35 AM

Thanks. Oleg

 

The first solution is not really what I pretend...

I want all devices to be available all the time. If any one does changes to those devices and what to revert it, it would take a simple factory reset and that device would become available immediately.

 

You are suggesting an ASA, this scenario is not doable with a cisco router using VRF's?

 

0 Helpful

Oleg Volkov
Spotlight
Spotlight
In response to antonio.henriques

‎11-13-2019 02:01 AM

Nat from global to vrf do with "vrf <VRFNAME>

I try to simulate Your case in my lab and answer You

--------------------------------------------------------------------------

Helping seriously ill children, all together. All information about this, is posted on my blog
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents