Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2594
Views
0
Helpful
7
Replies

NAT Bi- Directional on router

JRGC
Level 1
Level 1

‎04-10-2017 09:06 PM - edited ‎03-08-2019 10:09 AM

Hi guys


I have NAT configuration on router, using two interfaces with " ip nat inside" and one interface " ip nat outside"

Currently I can reach my destination with ICMP ( ping) and NAT is working fine.

I¨m using NAT to communicate two Webservices, Server on site A to Server on Site B ( private Networks). What¨ll happen ? when Server on Site B try to communicate or respond to Server on Site A. The configuration NAT will work in both way? or missing some configuration.

Please check topology.

Thanks for your support and advise !!!!

Regards,

Labels:
Preview file
37 KB
0 Helpful
7 Replies 7

Dennis Mink
VIP Alumni
VIP Alumni

‎04-10-2017 09:14 PM

in order for server B to talk to server A you would need to add additional NAT rules 

from outside>server A, remember NAT get applied in the dfirection of who initiated the NAT traffic.

so if your webserver B, for instance telnets on port 23 to inside, then your NAT will need to cater for that. this is also referred to as port forwarding.

please rate if useful

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

JRGC
Level 1
Level 1
In response to Dennis Mink

‎04-11-2017 03:43 AM

Hi Dennis,


I understood your point but I'm confused with the configuration that I need. Do you have an example or reference link?

Now I'm using the configuration below and only work in one way

ip nat pool ovrld 10.3.251.1 10.3.251.1 prefix 24


ip nat inside source list 7 pool ovrld overload

Network Site A (Source)

access-list 7 permit 192.50.5.0 0 0.0.255
access-list 7 permit 192.50.8.0 0.0.0.255

Destination Servers, On site B

192.168.10.0/24

192.168.11.0/24

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to JRGC

‎04-11-2017 03:57 AM

Do the servers at site B ever initiate connections to site A server or is it always the LAN and site A server that starts the connection ?

Jon

0 Helpful

JRGC
Level 1
Level 1
In response to Jon Marshall

‎04-11-2017 07:57 AM

Yes, I have two " Ip nat inside" and one " ip nat outside" configured.

Why? the principal reason is that the server on Site B only accept traffic source one segmento and I´m using NAT to reach. But the problem is when the traffic originate on Server B to reach another server (ServerA) the comunication fail on this way.

0 Helpful

Paul Smith
Level 1
Level 1
In response to JRGC

‎04-11-2017 04:23 PM

Can you post your running config (remove passwords and public IP's)? Can you also post the IP addresses of servers on Site A and Site B?

0 Helpful

Dennis Mink
VIP Alumni
VIP Alumni
In response to JRGC

‎04-11-2017 04:00 AM

check this post mate

http://www.techrepublic.com/blog/data-center/configure-static-nat-for-inbound-connections/

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

Paul Smith
Level 1
Level 1

‎04-11-2017 05:27 AM

So you have two interfaces using ip nat inside. Is one Site A and the other Site B?

No you don't need any extra NAT because the traffic between Site A and Site B is private to private. You only need to use NAT when the traffic is going private to public or vice versa.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card