
Nat inside source to another inside source through public address

mvandeberg
Level 1

I have a question about communication from one host with an inside source static to another host with an inside source static through the public address. For example, I have a workstation with a 10.x.x address that has a public static of 199.190.x.x and I have a server that also has a 10.x.x address with a public static of 199.190.x.x. The problem is that I cannot communicate with NetBIOS, or ODBC, using the server's public address. I know in this case that the traffic has to go "out" using the public, and then back in using the public addresses, in which case it times out communication. Internally everything is fine from the private address to the private address. Also the inside source static works fine as long as a machine that is on the outside communicates to an inside source also. So, in other words, the inside source is working fine all around, unless you want an inside machine to get to another inside machine using the public address... I hope I haven't confused anyone, and hopefully someone knows what I'm talking about and has an answer, but I'm stumped. The router in question is a Cisco 2621 with a fairly recent IOS.

Thanks,

Mike

4 Replies

tekha
Level 3

Would it be a huge problem for the servers to communicate via their private addresses? If not that would be my no. 1 suggestion to you.

If you really need the servers to communicate via their public addresses, then obviously you need the traffic to go to the 2621 router; here you need the router to do "NAT-on-a-stick". See this configuration example: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml

Your problem is that you want to NAT traffic from an ip nat inside interface back out again to the same ip nat inside interface.

So you need to make the traffic swing around a loopback interface, that is ip nat outside, using policy routing.

It actually works, I've tested it myself. However, please notice this warning: "Note: The router must process switch every packet due to the loopback interface. This degrades the performance of the router."
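
The loopback arrangement described in the reply above, sketched as an IOS configuration fragment (an added example, not taken from the thread or copied from the linked tech note). All addresses, interface names, the ACL number and the route-map name are constructed assumptions: 10.0.0.0/24 is the inside LAN, 203.0.113.10 and 203.0.113.20 stand in for the two public statics, and 192.0.2.0/30 is a throwaway subnet for the loopback.

```cisco
! Constructed sample values throughout; substitute your own addressing.
!
! Loopback acts as a second "outside" interface so hairpinned traffic
! crosses an inside -> outside -> inside boundary and gets translated.
interface Loopback0
 ip address 192.0.2.1 255.255.255.252
 ip nat outside
!
! Inside LAN interface: NAT inside, plus policy routing for hairpin traffic.
interface FastEthernet0/0
 ip address 10.0.0.1 255.255.255.0
 ip nat inside
 ip policy route-map NAT-LOOP
!
! Existing static translations (workstation and server).
ip nat inside source static 10.0.0.10 203.0.113.10
ip nat inside source static 10.0.0.20 203.0.113.20
!
! Match only inside hosts talking to the public addresses of inside hosts.
! Everything else keeps following the normal routing table.
access-list 102 permit ip 10.0.0.0 0.0.0.255 host 203.0.113.10
access-list 102 permit ip 10.0.0.0 0.0.0.255 host 203.0.113.20
!
! Next hop is the unused address in the loopback subnet, not the
! router's own address, so the packet is sent "out" Loopback0 and
! immediately re-enters on it as outside traffic.
route-map NAT-LOOP permit 10
 match ip address 102
 set ip next-hop 192.0.2.2
```

Both directions of the flow take the loop, so the server sees the workstation's public address as the source. `show ip nat translations` and `show route-map` (policy-match counters) confirm whether packets are taking this path.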

Thanks for the reply.

The reason I need to comm with a server using its public address is due to an ODBC connection that I need to create using the IP (global) address in the DSN configuration instead of the NetBIOS server name, or internal addy.

Yes, we do comm with the server using the internal addresses just fine, but this is a unique case.

I was hoping I was just missing something simple, but I don't think the loopback thing is an option.

Thanks again!

Just out of curiosity... Why couldn't you just edit the host files on the servers to just use the private IPs to communicate with each other and the publics with the outside world? I don't understand why you would need to come back in to communicate with an internal server. DNS can point outside boxes where these servers are and local host files can point where the servers are for each other.

- Brandon

You are sharp.

Actually that is what I am doing to get around the problem, but I hate band-aids, and I wouldn't need to do anything with the host files if you could just hop from one NAT public to the other.

Thanks,

Mike