11-04-2010 02:15 PM - edited 03-06-2019 01:53 PM
Hi,
I'm asking if it's possible to configure ip nat in the LAN in the following case :
We have a centralised host to use to initiate telnet connection to wan devices (routers and switchs). the host (a cisco 2620) is the only device witch is autorized to telnet over the WAN.
For testing purposes, we need to test a program using telnet to wan routers and it cannot be done from the host. for this, we use a workstation in the same LAN as the telnet host.
the workstation cannot telnet directly WAN devices. it's possible to reroute telnet trafic from the wk to transit via the cisco 2620 and using it's adress ?
is there any way to configure IP NAT in the router ? i have tired the ip nat inside source static @ wk @ router2620 => not working
must i add an ip nat inside command under the LAN interface of 2620 ?
Please help.
Thanks for your help.
Regards,
11-04-2010 03:03 PM
Hi,
If I understand correctly you need to telnet from an inside host to a WAN going through the 2620 (and the telnet session will be allowed only from the 2620 IP)?
If so you can configure PAT.
access-list 101 permit ip host x.x.x.x REMOTE_WAN---> x.x.x.x is the internal host
ip nat inside source list 101 interface ROUTER_INTERFACE overload
interface inside
ip nat inside
interface outside
ip nat outside
Federico.
11-04-2010 03:26 PM
Yes, that is what i mean. but, the workstation does'nt have the cisco 2620 as gateway.
Also, the host cisco 2610 have just only one LAN interface configured and conencted to LAN (FE0/1), i don't have two interface.
my idea, as wk and cisco 2620 are in the same LAN, is to try to forward telnet trafic from wk to transit via the router and to have it's ip address as source.
thanks for your help.
Regards,
11-05-2010 01:24 AM
Hi,
is it possible to setup the NAT using a cisco 2620 connected only in the LAN (FE0/0). when we add ip nat inside under fe interface, it's not working as the same interface is used to route trafic out.
In summay, the goal is to permit telnet trafic from the workstation and i must route trafic via the cisco 2620 (the autorized device) but the problem is how to have the ip of the router as the the source address ?
Thanks and regards,
11-08-2010 08:39 AM
Hi,
If you still need help with this please include a simple drawing and we''ll gladly help you out.
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide