Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
716
Views
0
Helpful
3
Replies

Solution for Nat from internal network to internal PC on different subnet

Go to solution
CW7
Level 1
Level 1

‎03-03-2019 02:19 PM

Hi all,

Very unusual situation, but am searching for temp solution.  See attached diagram.  Have an ASA with trunked interface.  Have vlans 208 (192.168.208.0/24), and vlan 205 (172.16.204.0/22).  The two vlans can communicate with each other fine.  However, there is a PC/Server at 192.168.208.11 that will not communicate with anything outside of Vlan 208.  I have no access to that server.  Am guessing it needs a static route added to it, or has a firewall on.  Am looking for a temp solution that will allow Vlan 205 to talk to that server.  I need some kind of relay on vlan 208 that will allow vlan 205 to talk to the server 208.11.  Can I do this with NAT?  Would I need to set up another router or PC on Vlan 208?  

 

trouble.png

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎03-03-2019 05:02 PM

why dont you nat the source of users in vlan 205, when going to the 192.168.208.11 int the interface vlan 208 IP address of the ASA.

 

this way, as far as the server is concerned the connection attempts come from within vlan 205.

 

 

Please remember to rate useful posts, by clicking on the stars below.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni

‎03-03-2019 02:29 PM

Hello,

3 options.

1.check if you have a acl entry blocking traffic.
2.check windows firewall from machines.
3.check if gateway on machines is settings correctly
Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful

Go to solution
CW7
Level 1
Level 1
In response to Jaderson Pessoa

‎03-03-2019 02:36 PM

Don't have access to the server 192.168.208.11, so can't check it's settings, but I can ping it from within the 192.168.208.0/24 network.  Can also ping other devices between vlans with no problem.  Firewalls on PCs I can access are off.  No ACLs on ASA except for the default ones.

0 Helpful

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎03-03-2019 05:02 PM

why dont you nat the source of users in vlan 205, when going to the 192.168.208.11 int the interface vlan 208 IP address of the ASA.

 

this way, as far as the server is concerned the connection attempts come from within vlan 205.

 

 

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card