Cisco NAT – How to Masquerade as Router with Inbound NAT


I'm stuck with NAT.

The inside server is at 192.168.1.1 running HTTP on port 80. The Cisco IOS router is at 192.168.1.254, using 1.1.1.1 as its external address.

NAT overload works correctly for Internet access, as well as local access to the server.

The router is port forwarding using:

ip nat inside source static tcp 192.168.1.1 80 interface Dialer0 80

and the external host at 2.2.2.2 can see the server.

If I swap the server – all settings being left the same, ARP caches cleared – for a device which only accepts clients from its own subnet (the 192.168.1.0/24 network), the port forwarding quite correctly fails.

That's because, although the inbound packet has its destination changed, the source of the request remains as 2.2.2.2.

What NAT do I need to use to ensure inbound requests, which can be on a different port if needed, appear to hit the server/device from 192.168.1.254 – the router's internal IP?

Best Answer

You can use outside source to translate the outside address to appear as if it comes from inside. Companies often use this when they merge and have overlapping address ranges.

See this question for an explanation of different NAT options.
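
A sketch of the outside source approach applied to the addresses in the question. This is an added example, not configuration from the original answer; the inside interface name Vlan1 and the spare address 192.168.1.253 are assumptions, and a spare address is used instead of the router's own 192.168.1.254.

```cisco
! Added example. Vlan1 and 192.168.1.253 are assumptions, not from the page.
interface Vlan1
 description Inside LAN (interface name assumed)
 ip address 192.168.1.254 255.255.255.0
 ip nat inside
!
interface Dialer0
 ip nat outside
!
! Port forward already in use in the question: 1.1.1.1:80 -> 192.168.1.1:80
ip nat inside source static tcp 192.168.1.1 80 interface Dialer0 80
!
! Outside source translation: the outside global address 2.2.2.2 is
! presented to the inside network as the outside local address
! 192.168.1.253, which must be unused on the 192.168.1.0/24 subnet.
! add-route installs a host route for 192.168.1.253 so that replies
! from the device are routed toward the outside interface and
! translated back to 2.2.2.2.
ip nat outside source static 2.2.2.2 192.168.1.253 add-route
!
! Check the resulting entries with: show ip nat translations
```

The static entry covers only 2.2.2.2, so other outside hosts still arrive with their real source address and the device's own-subnet restriction continues to reject them.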