I'm trying to allow access to a printer on a separate LAN in the same building. I have control over only one of the networks… My attempt at not using another router failed see here.
I now have a Cisco 2611 running IOS 12.2 (eBay special) to join the networks. I can't route as I have no control over the settings on the remote network I can only add an IP address in the form of one of the interfaces on the router – so I am left doing a static NAT.
Our network: 10.0.0.0/24
Our router interface e0/0 10.0.0.200
Their network: 192.168.2.0/24
Their router interface e0/1 192.168.2.200
Their printer 192.168.2.50
So I would like to do a static NAT from 10.0.0.200 to 192.168.2.50
My show running-config
Fibrotech(config)#do sh ru
Building configuration...
Current configuration : 573 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Fibrotech
!
ip subnet-zero
!
interface Ethernet0/0
ip address 10.0.0.200 255.255.255.0
ip nat outside
full-duplex
!
interface Ethernet0/1
ip address 192.168.2.200 255.255.255.0
ip nat inside
full-duplex
!
ip nat inside source static 192.168.2.50 10.0.0.200 extendable
ip classless
no ip http server
ip pim bidir-enable
!
line con 0
line aux 0
line vty 0 4
!
end
Wireshark shows me that the request does get through to 192.168.2.50 from our network, but it is presented with a source address of (for instance) 10.0.0.5. Since it has no route to the 10.0.0.0 network it fails.
So how can I make it NAT properly so the source address is the inside interface of the router?
Edit – have removed port 80 from the sh ru, it just needs to be a straight static map.
Also the router being used is not the gateway for either network, the only knowledge either network have of the router is the IP address on each interface.
Best Answer
In the end I had to enlist the help of the Cisco 877 that was the gateway and setup a static route to the other network via the router.