
Connecting two hosts from different networks with Cisco IOS router

drslimw
Level 1

Hi all,

This may be a basic question as I am not a Network admin professional. I searched for online resources but could not solve the problem.

The scenario I have is summarized in the below diagram.

I have two separate networks (Network 1 172.1.1.0/24 and Network 2 192.168.1.0/24). Each of the two networks has a firewall providing internet access and acting as default gateway/router (R1 and R2 respectively).

I would like to allow communication between two specific hosts one from each network and I do not want to touch the configuration of R1 and R2 (adding routing rules in R1 and R2 is not an option in my case).

I am using a third device, R3, which is an IOS router (Cisco 1900 series) connected to Network 1 via g0/0 (IP address 172.1.1.10) and at the same time to Network 2 via g0/1 (IP address 192.168.1.10).

My objective is to configure the R3 device to:

- accept traffic from R1 to g0/0 only from host C2 172.1.1.20

- accept traffic from R2 to g0/1 only from host C3 192.1.1.20

- traffic sent from C2 (172.1.1.20) to R3 g0/0 (172.1.1.10) should be forwarded to destination C3 (172.1.1.20) with source IP changed to 192.168.1.10

- traffic sent from C3 (192.168.1.20) to R3 g0/1 (192.168.1.10) should be forwarded to destination C2 (172.1.1.20) with source IP changed to 172.1.1.10

Please, any help on how to do the config?

I tried NAT, but the problem is that when traffic is sent from the inside network to the inside interface of R3 as the destination IP (172.1.1.10), it does not get NATted because routing takes place first (I guess).

ip nat inside source static 172.1.1.20 192.168.1.10
ip nat outside source static 192.168.1.20 172.1.1.10

Also, I am not sure what will happen when traffic is sent to the router's own IP as destination: does it get routed, NATted? How do I force the router to forward / transmit traffic it receives on one interface to another interface (or host)?

In summary, I want C2 to see R3 g0/0 as C3 and C3 to see R3 g0/1 as C2.

Much appreciated.

[Image: Network Diagram]

3 Replies

saif musa
Level 4

Hi,

I would recommend redesigning your network as in the attachment below, with the following conditions:

- C1&2 gateway = R1

- C3&4 gateway = R2

- On R2 ; ip route 0.0.0.0 0.0.0.0 <your public ip>

  ip route 172.1.1.0 255.255.255.0 10.10.10.1

- On R1 ; ip route 0.0.0.0 0.0.0.0 <your public ip>

  ip route 192.168.1.0 255.255.255.0 10.10.10.2

Hope that could help

Thank you for your feedback. Your answer would be the most straightforward one in a standard scenario. As I explained, I am looking for a solution to my specific situation without changing the routes in both gateways (R1 and R2).

I am trying to understand if it is at all possible to use a router between two networks without it being the gateway for either of them. I am not sure if this is technically possible. If it is, please let me know how.

Hi,

You can follow the configuration below for the above specific design:

- C1&2 gateway = R1

- C3&4 gateway = R2

- On R1 ; ip route 0.0.0.0 0.0.0.0 <your public ip>

  ip route 192.168.1.0 255.255.255.0 172.1.1.10

- On R2 ; ip route 0.0.0.0 0.0.0.0 <your public ip>

  ip route 172.1.1.0 255.255.255.0 192.168.1.10

Regards