Redirect traffic using NAT

tubetube Member Posts: 36 ■■□□□□□□□□
in CCNA & CCENT
Hello, I am having trouble with NAT at the moment and really need your help.

Suppose I have two subnets,

- on E0 port, I configure it as outside cloud (ip: 172.16.10.1)
- and on E1 port, I configure it as inside cloud (172.16.20.1)

on outside cloud (E0) there is a web server (172.16.10.5), the inside cloud devices can access the web server successfully. However, I want to shut down the external web server (172.16.10.5) and redirect the traffic 172.16.10.5 to the internal web server (172.16.20.2) which is newly created and configured.

The users from inside cloud are unaware of the changes. They still use the old address 172.16.10.5.

I am using this command:

ip nat inside source static

but can't seem to make it work.

Thanks for your help or any inputs.
· Share on FacebookShare on Twitter

Comments

  • geezergeezer Member Posts: 136
    From http://www.cisco.com/warp/public/556/12.html#topic8 this may help.

    Let us know how you get on.
    I used to be undecided but now I'm not so sure.

    There are only 10 types of people in the world: Those who understand binary, and those who don't!
    · Share on FacebookShare on Twitter
  • cristi.grigorecristi.grigore Member Posts: 18 ■□□□□□□□□□
    tube, from your description I understand that the input interface for the packets should also be the output interface of the packets (you are trying to translate from a global destination address to a local destination address that is on the same subnet as the source, which will route the packets back through the "ip nat inside" interface). Am I right?

    Usually, Cisco IOS will translate ip addresses between two physical interfaces - the inside one and the outside one. Using only one physical interface is a bit tricky. (http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml)

    Please confirm that this is the case and we can continue from there.
    · Share on FacebookShare on Twitter
  • tubetube Member Posts: 36 ■■□□□□□□□□
    Thank you for reply and the link.

    The last part of the article is exactly what I am trying to achieve. But it doesn't work. it does not redirect (translate) from 172.16.10.8 to 172.16.50.8. May be I am missing something.
    · Share on FacebookShare on Twitter
  • tubetube Member Posts: 36 ■■□□□□□□□□
    Thanks cristi.grigore, I am reading it at a moment. It is quite complicated!
    · Share on FacebookShare on Twitter
  • tubetube Member Posts: 36 ■■□□□□□□□□
    I turn on the debugging and this is the message I got:

    01:26:04: NAT: i: icmp (172.16.50.2, 512) -> (172.16.10.8, 512) [9526]
    01:26:09: NAT: i: icmp (172.16.50.2, 512) -> (172.16.10.8, 512) [9527]
    01:26:09: NAT*: o: icmp (172.16.10.8, 512) -> (172.16.50.2, 512) [649]
    01:26:09: NAT*: s=172.16.10.8->172.16.50.8, d=172.16.50.2 [649]
    01:26:10: NAT*: o: icmp (172.16.10.8, 512) -> (172.16.50.2, 512) [650]
    01:26:10: NAT*: s=172.16.10.8->172.16.50.8, d=172.16.50.2 [650]
    01:26:11: NAT*: o: icmp (172.16.10.8, 512) -> (172.16.50.2, 512) [651]
    01:26:11: NAT*: s=172.16.10.8->172.16.50.8, d=172.16.50.2 [651]

    It seems to translate 172.16.10.8 to 172.16.50.8 and replies back to 172.16.50.2 (inside cloud computer where I issue a ping command ping 172.16.10.icon_cool.gif.

    The ping comand seems to work but I can't browse the web server (172.16.50.icon_cool.gif.

    I really don't know the asterisk '*' next to NAT mean.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.