06-06-2006 09:44 AM - edited 03-03-2019 03:31 AM
I have a /29 network defined internal to two 2811's and advertised via BGP.
I would like to take two addresses from the /29 and for each permit access from my LAN through a specific tcp port over my WAN and a remote server.
i.e.
192.168.212.x 389 would be translated out as 209.209.0.1 389
192.168.212.x 43002 would be translated out as 209.209.0.2 43002
Is this possible?
06-06-2006 01:03 PM
You can set up your router to perform NAT on the two addresses.
You can then set up ACLs to permit these addresses to specific destinations and ports.
NAT: 192.168.212.x >>> 209.209.0.1
NAT: 192.168.212.xx >> 209.209.0.2
ACL Permit: 209.209.0.1 port 398 >>>> destination
ACL Permit: 209.209.0.2 port 43002 >> destination
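
An IOS configuration sketch of the NAT-plus-ACL approach outlined in this reply, added here as an illustration and not taken from any poster's router. It uses the ports from the original question; the interface names, the /24 LAN mask, the ACL numbers, the pool names and the remote server address 198.51.100.10 (a documentation placeholder) are all assumptions.

```cisco
! Added example; interface names, ACL numbers, pool names, the /24 mask
! and the server address 198.51.100.10 are assumed placeholders.
interface FastEthernet0/0
 description LAN side (assumed name)
 ip nat inside
!
interface Serial0/0/0
 description WAN side (assumed name)
 ip nat outside
 ip access-group 120 out
!
! One single-address pool per service, both taken from the routed /29.
ip nat pool LDAP-OUT 209.209.0.1 209.209.0.1 prefix-length 29
ip nat pool APP-OUT 209.209.0.2 209.209.0.2 prefix-length 29
!
! Extended ACLs select which flows use which pool, keyed on destination port.
access-list 110 permit tcp 192.168.212.0 0.0.0.255 host 198.51.100.10 eq 389
access-list 111 permit tcp 192.168.212.0 0.0.0.255 host 198.51.100.10 eq 43002
!
ip nat inside source list 110 pool LDAP-OUT overload
ip nat inside source list 111 pool APP-OUT overload
!
! The outbound ACL on the WAN interface is evaluated after translation,
! so it matches the translated source addresses, not 192.168.212.x.
access-list 120 permit tcp host 209.209.0.1 host 198.51.100.10 eq 389
access-list 120 permit tcp host 209.209.0.2 host 198.51.100.10 eq 43002
! Add permits for any other traffic that must cross the WAN before this line.
access-list 120 deny ip any any log
```

`show ip nat translations` and the hit counters in `show access-lists 120` confirm which pool each flow used and whether anything fell through to the logged deny.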
06-07-2006 07:09 AM
Thanks for your response.
I will try this out.
I have run into a problem in that my server has two NIC's with addresses in the same net, in this case 192.168.212.0.
With this, there is a vip that fronts the two physical addresses.
06-07-2006 02:18 AM
Of course, alanbcameron.
The location of the ACL is at the ragged edge of the port.
I mean that packets are checked first by the ACL when they try to enter the port, and that packets are checked last by the ACL when they leave the port.