Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
454
Views
5
Helpful
11
Replies

NAT SCENARIO NOT WORKING

Go to solution
Himanshu_Dwivedi
Level 1
Level 1

‎06-09-2025 07:19 PM - edited ‎06-09-2025 07:20 PM

Hi,

I would like you to examine the scenario below; this was meant to be tested in the customer's environment. I opened the packet tracker and attempted to create the same topology, but it isn’t functioning , so I would like to find out if it will work or not.

I have two routers, Router A on top and Router B on the bottom, both configured with the internal subnets 192.168.1.0/24 and 192.168.2.0/24. Each router has a WAN IP assigned (Router A: 1.1.1.1 and Router B: 1.1.1.2). I have been testing without NAT, and the actual IP is reachable from all the PCs. I am trying to set up a scenario where the PC under Router B (PC 192.168.2.2) needs to be translated to the same subnet as Router A (192.168.2.3), but I haven’t been able to accomplish this. I just want to know how to achieve this and the best possible way.

Himanshu_Dwivedi_0-1749521562274.png

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sidshas03
Spotlight
Spotlight

‎06-09-2025 11:03 PM

Hi Himanshu,

I checked your topology and your NAT configuration, you're almost there, just missing a small but important step.

You've done correct static NAT on Router B like this:

ip nat inside source static 192.168.2.2 192.168.1.10
ip nat inside source static 192.168.2.3 192.168.1.4

Inside and outside interfaces are also fine. But the issue is, Router A doesn’t know where to forward packets meant for 192.168.1.10 or 192.168.1.4, because from its point of view, these addresses should be local — but they are not.

What you need to do:

On Router A, add static routes pointing these translated IPs to Router B (1.1.1.2):

ip route 192.168.1.10 255.255.255.255 1.1.1.2
ip route 192.168.1.4 255.255.255.255 1.1.1.2

This way, Router A will forward all traffic meant for those NAT IPs to Router B, where the actual machines live.

Also just double-check that your PCs are using the correct default gateway (PC1 and PC2 should point to 192.168.2.1, PC0 should point to 192.168.1.1).

Once this routing is done, everything should work fine. 

View solution in original post

11 Replies 11

Go to solution
M02@rt37
VIP
VIP

‎06-09-2025 09:56 PM - edited ‎06-09-2025 09:59 PM

Hello @Himanshu_Dwivedi 

You try to map a device from 192.168.2.2 (Router B's LAN) into the 192.168.1.0/24 subnet (Router A's LAN). This overlaps with an existing subnet and is not routable...

RouterA thinks IP 192.168.1.4 belongs to its own LAN, not reachable via the WAN (1.1.1.2), so it don't send the reply corectly.

So, use a non-overlapping NAT pool or a NAT overload taking interface wan IP address.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
sidshas03
Spotlight
Spotlight

‎06-09-2025 11:03 PM

Hi Himanshu,

I checked your topology and your NAT configuration, you're almost there, just missing a small but important step.

You've done correct static NAT on Router B like this:

ip nat inside source static 192.168.2.2 192.168.1.10
ip nat inside source static 192.168.2.3 192.168.1.4

Inside and outside interfaces are also fine. But the issue is, Router A doesn’t know where to forward packets meant for 192.168.1.10 or 192.168.1.4, because from its point of view, these addresses should be local — but they are not.

What you need to do:

On Router A, add static routes pointing these translated IPs to Router B (1.1.1.2):

ip route 192.168.1.10 255.255.255.255 1.1.1.2
ip route 192.168.1.4 255.255.255.255 1.1.1.2

This way, Router A will forward all traffic meant for those NAT IPs to Router B, where the actual machines live.

Also just double-check that your PCs are using the correct default gateway (PC1 and PC2 should point to 192.168.2.1, PC0 should point to 192.168.1.1).

Once this routing is done, everything should work fine. 

Go to solution
Himanshu_Dwivedi
Level 1
Level 1
In response to sidshas03

‎06-10-2025 12:31 AM

Appreciate your response and the suggestion provided by you worked. Thank you so much

Go to solution
paul driver
VIP
VIP

‎06-10-2025 12:24 AM

Hello
As per your OP, it looks like rtrB has the “hidden” network so it this what is to be translated, your static nat statements are okay but I would say the nat rtrB just requires a static route towards 192.168.1.0/24

rtrb
ip route 192.168.1.0 255.255.255.0 gig0/0  1.1.1.1


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
Himanshu_Dwivedi
Level 1
Level 1
In response to paul driver

‎06-10-2025 12:39 AM - edited ‎06-10-2025 12:43 AM

Static route is already present and I can see it in  a routing table, the routees priovided by sidshas03 worked.

 

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to Himanshu_Dwivedi

‎06-10-2025 08:46 AM

Hello
TBh you should t require those static routes  as then the rtr b network will not be hidden which would mean with those added static routes you could remove the nat statements  and you should still have end to end connectivity something i guess you do not want!


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
Himanshu_Dwivedi
Level 1
Level 1
In response to paul driver

‎06-10-2025 08:50 AM

Please let me know possible way to achieve this.

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to Himanshu_Dwivedi

‎06-10-2025 09:27 AM

Hello
so are you now confirming nat isn’t working as expected ?
if so so and to make sure what the present state of both rtrs can you attached the current run cfg from both of them please 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
Himanshu_Dwivedi
Level 1
Level 1
In response to paul driver

‎06-10-2025 09:58 AM

Please find the the attached config files.

Preview file
1 KB
Preview file
1 KB
0 Helpful

Go to solution
paul driver
VIP
VIP
In response to Himanshu_Dwivedi

‎06-10-2025 04:36 PM

Hello
rtra
no ip route 192.168.2.0 255.255.255.0 1.1.1.2
no ip route 192.168.1.4 255.255.255.255 1.1.1.2
no ip route 192.168.1.10 255.255.255.255 1.1.1.2

rtrb
no ip nat inside source static 192.168.2.3 192.168.1.4
no ip nat inside source static 192.168.2.2 192.168.1.10
ip nat inside source static 192.168.2.3 1.1.1.4
ip nat inside source static 192.168.2.2 1.1.1.10

 

Pc0 should be able to reach PC1 & PC2 via 1.1.1.4 & 1.1.1.10 respectively
PC1 & PC2 via 1.1.1.4 & 1.1.1.10  should be able to reach PC0 via 192.168.1.2

sh ip nat translations 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
Himanshu_Dwivedi
Level 1
Level 1
In response to paul driver

‎06-10-2025 06:33 PM

This scenario I tested and working fine, I was just finding the solution by translating the IP address which is other than the WAN IP Address in this case it is 1.1.1.0/24.

0 Helpful
Customers Also Viewed These Support Documents