- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Help with In Bound 1:1 NAT
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-09-2008 12:05 PM
тАО06-09-2008 12:05 PM
Help with In Bound 1:1 NAT
My config file is attached. My setup is pretty simple. I use many:1 outbound NAT for my users and 1:1 inbound NAT for my servers. I'm feeling like I either missed something simple or I totally misunderstood the concept. Any help would be appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-09-2008 04:31 PM
тАО06-09-2008 04:31 PM
Re: Help with In Bound 1:1 NAT
!
ip access-list extended web-acl-7
remark Forward to x.x.0.34
permit tcp any host x.x.x.34 eq domain log
permit udp any host x.x.x.34 eq domain log
!
What you need to do is change the destination address to that of your ppp 1 interface:
!
interface ppp 1
ip address x.x.x.33 255.255.255.224
Since you're NATing, the outside world thinks of everything as belonging to that IP address, therefore the incoming packet will be sent to it and will then match the ACL, which in turn will trigger your NAT rule to forward it to your internal server.
!
ip access-list extended web-acl-7
remark Forward to x.x.0.34
permit tcp any host x.x.x.33 eq domain log
permit udp any host x.x.x.33 eq domain log
!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2008 05:47 AM
тАО06-10-2008 05:47 AM
Re: Help with In Bound 1:1 NAT
Contrary to your statement, the outside world doesn't know what my router is doing and doesn't care. The outside world looks up the ip address for one of my particular services by querying my DNS. My DNS is going to give them a different IP address depending on what service they're looking for. My ISP is going to forward traffic for my entire Class C to my router. My router knows, or should know, that it's on a Class C subnet and the address range that falls within that subnet. Based on that subnet, my router should accept packets for ANY address in the subnet that I've told it to accept packets for. It should then NAT the destination address, the public addres, to an internal address and deliver the packet.
If you're telling me that my brand new, "state of the art" router from HP can't do what my beaten up, 10+yr old router from Intel can, well, I guess I need to send the HP back.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2008 06:04 AM
тАО06-10-2008 06:04 AM
Re: Help with In Bound 1:1 NAT
>> For your question #2: Yes, you have to >>configure your 13 addresses as secondary on >>the outside facing interface.
Is this true? Do I need to setup all my public IP addresses as secondaries on my public interface? It would seems to solve my problem but it also seems unnecessary. If I address my router with a subnet, shouldn't the router know what all the public spaces is based on the subnet?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2008 07:33 AM
тАО06-10-2008 07:33 AM
Re: Help with In Bound 1:1 NAT
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2008 01:44 PM
тАО06-10-2008 01:44 PM
Re: Help with In Bound 1:1 NAT
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-11-2008 06:24 AM
тАО06-11-2008 06:24 AM
Re: Help with In Bound 1:1 NAT
I still think the idea is silly. And if it works, this is the first router I've ever heard of needing such a thing.