Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
523
Views
10
Helpful
1
Replies

Address and port translation between internal networks

Go to solution
Sinisa Hreljac
Level 1
Level 1

‎08-19-2022 08:50 AM

Hi to all,

I have a situation like on attached picture. Central router 891 is currently Mikrotik router and it should be migrated to Cisco router.

Internal networks are defined by VLANs, and outside interface to ISP is physical Gi0. I have configured on outside interface "ip nat outside" and on VLANs "ip nat inside". Also, global config "ip nat inside source list 199 interface GigabitEthernet0 overload" is applied and all internal VLANs can access internet, so this is OK.

However, there is one more need, that traffic to one specific IP and port on internet (for this purpose let say it is IP 9.9.9.9 tcp/999) from VLAN10 or host 10.10.0.10  should be redirected to HOST B and some other port.

When service on HOST A which have IP address 10.10.0.10 initiate tcp connection to 9.9.9.9 port 999, that connection should be redirected to 192.168.0.10 port 777. On Host B, source of this connection should not be changed (it should be 10.10.0.10).

On Mikrotik this is possible and very easy to configure. Is this possible on Cisco 891 router and how?

 

Thanks.  

Labels:
Preview file
13 KB
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP

‎08-20-2022 02:34 AM - edited ‎08-20-2022 02:35 AM

Hello
If you will require an internal host so it can be accessed internally from its inside global address (translated ip/port address -PAT)
then you have two options to accomplish this.

  • Change you nat to NVI nat (domainless nat – no inside/outside domains (most simplistic)
  • Hairpinning.

Please see attached txt file.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Preview file
2 KB
1 Reply 1

Go to solution
paul driver
VIP
VIP

‎08-20-2022 02:34 AM - edited ‎08-20-2022 02:35 AM

Hello
If you will require an internal host so it can be accessed internally from its inside global address (translated ip/port address -PAT)
then you have two options to accomplish this.

  • Change you nat to NVI nat (domainless nat – no inside/outside domains (most simplistic)
  • Hairpinning.

Please see attached txt file.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Preview file
2 KB
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card