hi guys,

I have a big problem that is driving me crazy.

Here my configuration:

Dialer1                               Ethernet0/0

--------------> [Router 1481]<-------------------->[Firewall]<----------->[LAN MGT]

Dialer1: is the ISDN interface used to open a VPN from the external.

Ethernet 0/0: is the interface of the Router 1481 in the internal lan (ip 10.20.253.251/24)

Firewall: it is the firewall of the internal lan, with ip 10.20.253.252

Lan MGT: it is another lan behind the firewall, ip 10.0.131.0/24

From the external VPN, I can access only to ip in the lan 10.20.253.0/24.

So i would like to access to an host in the Lan MGT (behind the firewall) , for example 10.0.131.28, using a virtual ip 10.20.253.28. So I configure the nat translation static. The problem is that it does not work.

In the cisco 1481 i configure the following parameters:

ip route 10.0.131.0 255.255.255.0 10.20.253.252

Adding this in the router i can ping the host 10.0.131.28 from the internal interface. The strange thing is that i don't see any arp information for the 10.0.131.28 executing the following command:

show ip arp

Then i add the static nat command:

ip nat source inside static 10.0.131.28 10.20.253.28

But it does not work, I suppose because in the arp i have no entries for the ip 10.0.131.28.

How could I solve the problem?

Thanks a lot,

Paz