[c-nsp] Layer3 inside NAT Interface?

[Alex Cruz Farmer]

Hi,

I've got an issue with a setup I'm trying to do. $client is unable to add the individual IP addresses to their servers for a valid
reason, so the only way I can see getting around the problem would be using NAT.

Topology is:

Server <-> CORE
            |
            | (OSPF with PE)
            |
           PE <-> CE <-> Customer-server

Server has the address of 1.1.1.1, but needs to be seen as 10.250.1.150 to the Customer Server which is 2.2.2.2. At the moment, Fa0/0
is configured to the core network via OSPF, through a simple /30, for this example, we'll say 192.168.0.0/30, this interface is set as
"inside". Fa0/1 is set to outside, and configured with a /30 using 192.168.0.254/30 (.253 being the customer) just as a way of being
able to statically route traffic back.

Now, the problem is, as the server isn't in the same Vlan as the PE, and the server is configured on a /30 to the CORE (i.e. 1.1.1.1/30
is the server, 1.1.1.2/30 is the router) there is no room for the inside of the NAT interface on the PE to be in the same Vlan/Layer2
subnet.

What I'm trying to work out is whether when using NAT, I need to be in the same subnet as the servers on the "inside" side.

So, a request from the customer server to the server would be seen as:

                                             NAT shiz here
2.2.2.2 -> 192.168.0.253 -> 192.168.0.254 -> 10.250.1.50 -> 1.1.1.2 -> 1.1.1.1

If anyone has any suggestions, it would be greatly appreciated. Apologies also if it's difficult to understand, I've been running
around in circles for a while trying to work out a decent solution! The PE routers are green field and can be wiped if NAT is a
ridiculous idea.

Thanks,

Alex.


This e-mail is subject to: http://www.netsumo.com/email.sumo

NetSumo Limited - Registered Company in England and Wales
13 Hanover Crescent, Brighton, BN2 9SB, Great Britain
Company Number: 2666084 - VAT Number: GB 587 7952 63