One tricky question about NAT with gateway less server

sandeep.waghchoure · ‎11-03-2009

Hi, all

Thanks in advance

I have one problem regarding bidirectional natting.

One of our customer requiremant is as follows

Customer has a IP trapper device which is preconfigured and can not configure it because they have no access to this box.

But now they want to connect this vpn box from internet,but they dont know the gateway of device.

We have done the following config on rouetr which is connected to internet.

1)First configure one to one static nat for ip trapper device.(1.1.1.1 to 2.2.2.2)

2)Then we configured the outside natting on interface by which public user's ip address converted to 1.1.1.9 with add-route option and ip nat pool option.

But stilll we can not access the Ip trapper from internet.

Please suggest the config which will work

Giuseppe Larosa · ‎11-03-2009

Hello Sandeep,

you could try to use IP proxy-arp:

whatever default gateway the box is trying to use it has to perform an ARP request for it.

if your router has an ip address in net 1.1.1.x and can answer to ARP requests for an IP of type 1.1.1.y with its own MAC address you should be fine.

you need to enable ip proxy arp also for local ip addresses

ip proxy-arp

is the normal command

ip local-proxy-arp

is the one I'm suggesting

see

http://www.cisco.com/en/US/docs/ios/ipaddr/command/reference/iad_arp.html#wp1013159

Hope to help

Giuseppe

rkrumpe · ‎11-06-2009

Hi Sandeep,

i've got the same Topic.

Did this work with loacl-proxy-arp?

Do you can support me with an config template for ip nat outside pool...

this would excellent

regards

Ronny