1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

one-to-one NAT

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by tjusas, Aug 6, 2007.

  1. tjusas

    tjusas LI Guru Member

    Hi,

    Looking to do a one-to-one NAT to solve my issue of hosting a web site requiring SSL behind my RVL200 (SSL router). I have multiple IPs available and so would like to route via IP to my web server but wanted to know how to accomplish one-to-one NAT with my RVL?

    Can someone help?:thumbup:
     
  2. ifican

    ifican Network Guru Member

    The bigger issue is going to be do you have more then 1 computer you want connecting out? When you create a one to one nat you no longer have that ip to use for other machine via PAT. Do you plan on connecting more then one machine, and have you though about how to accomplish that? Also out of curiosity, any reason you cant just port forward 443?
     
  3. tjusas

    tjusas LI Guru Member

    As far as more than one machine, I am not sure what you mean but there is only one web server involved in this setup. I need to reach this machine with SSL traffic coming from the outside in. My client uses the SSL feature of the router so forwarding 443 is not an option since they still need to connect via VPN and not get routed to the web server. So, IP1 can act as my client's SSL/VPN and IP2 will be the web site that will utilize SSL.

    Is this what you are referring to in your question?
     
  4. tjusas

    tjusas LI Guru Member

    1-to-1 NAT

    How do you actually accomplish a one-to-one NAT with the RVL200? Can someone tell me where this is done?

    Thanks...
     
  5. ifican

    ifican Network Guru Member

    When you create a one to one mapping, you are using the ip assigned to the wan interface. Unless you have the ability to create sub interfaces when you create the mapping to the server you are going to loose the ability to connect to the router. Its why i asked if anymore then that one server needs to connect. If there are any other hosts on the inside, when you bind the internal to external mapping you can no longer use that interface for PAT, hence no other machine besides the server will beable to connect to the outside world.
     

Share This Page