NAT for Overlapping Networks

Status
Not open for further replies.

scrimmy

Technical User
Sep 27, 2001
GB
Hi there,

Can someone please help.

We have recently acquired another business that uses the same private IP address range we use.
I have been asked to arrange access to their hosts from our network.
I have read this can be achieved using static NAT statements.
I have had a WAN link installed using a private IP address subnet not in use by either company.


Existing Company Network (192.168.10.0/24)
   |
   |  ------ 172.20.20.1/24, supplied by Service Provider ------
   |
NAT Router (int fa0/0 inside, int fa0/1 outside)
   |
New Company Network (192.168.10.0/24)


NAT Router: Cisco 2600 series
interface FastEthernet0/0
 ip address 172.20.20.254 255.255.255.0
 ip nat inside
interface FastEthernet0/1
 ip address 192.168.10.1 255.255.255.0
 ip nat outside
ip route 0.0.0.0 0.0.0.0 172.20.20.1


If I need to access a server on the new company's IP address 192.168.10.200, would I target, say, 172.20.20.200 from my network
and have a static NAT entry in the NAT router such that

ip nat inside source static 172.20.20.200 192.168.10.200

And then have more static NAT entries for each host we need to access?

Thanks in advance.



 
This seems a bit strange...usually NAT is to translate public to private, since private addresses cannot be otherwise reached from the internet...but please forgive me, as I am still learning myself...
First, I assume that the two sites are in separate buildings? If so, then why not just have a simple T1, PPP serial connection between the two sites? That way, you are all on the same subnet, reachable over the internet, and you can NAT from the private side behind each router at each site, to the outside? Even a DSL service and site-to-site VPN would work.

Burt
 
Hi,

I believe you could use NAT for your solution. However, I recommend assigning a different address scheme to each company (keep the CPU process down) or probably you may aggregate the servers in a new subnet.

You mentioned a WAN link but there are only FastEthernet interfaces configured. Assuming that you use FE to connect to your service provider, then you have to identify your OUTSIDE and INSIDE interfaces well. I think you have it reversed.

The connection to your provider, 172.20.20.254/24, should be your outside side (it is the untrust side and does not belong to your network); then the inside side is 192.168.10.1/24.

The traffic initiates from your Existing company to your New company. So then the NAT should be applied on the outside interface. Use a different subnet for NATing, for example, 10.168.10.0/24.

In your NAT-router, your NAT statement should look like this:

ip nat outside source static 10.168.10.200 192.168.10.200

And you should have a route pointing to 192.168.10.0/24

In your router at the Existing company add a route to 10.168.10.0/24

I hope this could help you.

Thanks.
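
A packet walk for the overlapping-range case discussed in this thread, as an added example that is not from any of the posters. It models static network NAT at the NAT router and compares translating only the destination with translating both source and destination. 192.168.10.0/24 and 10.168.10.0/24 come from the thread; the client alias subnet 10.168.20.0/24, the client address 192.168.10.50 and all function names are assumptions made for illustration.

```python
import ipaddress

OVERLAP = ipaddress.ip_network("192.168.10.0/24")      # range used by both companies (from the thread)
SERVER_ALIAS = ipaddress.ip_network("10.168.10.0/24")  # new company as seen from the existing one (from the reply)
CLIENT_ALIAS = ipaddress.ip_network("10.168.20.0/24")  # assumed: existing company as seen from the new one

def remap(addr, src_net, dst_net):
    """Static network NAT: keep the host bits, swap the network prefix."""
    ip = ipaddress.ip_address(addr)
    if ip not in src_net:
        return addr
    offset = int(ip) - int(src_net.network_address)
    return str(dst_net.network_address + offset)

def to_new_company(src, dst, translate_source=True):
    """Packet crossing the NAT router from the existing company to the new one."""
    dst = remap(dst, SERVER_ALIAS, OVERLAP)
    if translate_source:
        src = remap(src, OVERLAP, CLIENT_ALIAS)
    return src, dst

def to_existing_company(src, dst):
    """Reply crossing the NAT router the other way: both mappings reversed."""
    return remap(src, OVERLAP, SERVER_ALIAS), remap(dst, CLIENT_ALIAS, OVERLAP)

def reply_reaches_router(reply_dst, server_lan=OVERLAP):
    """A server ARPs locally for on-link destinations, so its reply only
    reaches the NAT router when the destination is outside its own LAN."""
    return ipaddress.ip_address(reply_dst) not in server_lan

def walk(client, target, translate_source):
    """Follow one request and its reply; reply is None if it never leaves the LAN."""
    src, dst = to_new_company(client, target, translate_source)
    if not reply_reaches_router(src):
        return {"delivered": (src, dst), "reply": None}
    return {"delivered": (src, dst), "reply": to_existing_company(dst, src)}

if __name__ == "__main__":
    # Constructed sample: a client in the existing company targets the server alias.
    for both in (False, True):
        print("translate source:", both, walk("192.168.10.50", "10.168.10.200", both))
```

With destination-only translation the server sees a source inside its own subnet and answers on its local segment, so the reply never returns through the NAT router; translating the source as well gives it an off-link address to route back.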





 