— pissing into the wind

NAT for remote management

So I had an issue at work that went like this: we recently put in new managed switches at our remote sites. One of them failed and was replaced by our third-party subcontractor. They just do a hardware replacement and my team does the configuration. By default, the switches are configured to use 192.168.1.254 with no gateway info set. Only a web UI is enabled by default as well. I have to somehow open a browser and get access to that web console so I can configure the new switch. I have an 1841 or 1921 router at the other end to configure to make this work. NAT voodoo time.

The scenario:

[Diagram: NAT]

The fix:

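conf t

! LAN side facing the new switch (factory default 192.168.1.254).
! NAT outside: the switch is the "outside" host in the translations below.
int f0/0
ip add 192.168.1.253 255.255.255.0
ip nat outside

! WAN side, where the management computer comes in from
int s0/0/0
ip nat inside

! Loopback puts 10.15.4.248/30 in the routing table so BGP can advertise it
int l1
ip address 10.15.4.249 255.255.255.252
no shut

exit

router bgp 65000
network 10.15.4.248 mask 255.255.255.252

exit

! The switch (192.168.1.254) appears to the WAN as 10.15.4.250
ip nat outside source static 192.168.1.254 10.15.4.250
! The management computer (10.210.23.8) appears to the switch as 192.168.1.100
ip nat inside source static 10.210.23.8 192.168.1.100
! Send 10.15.4.250 out f0/0 so the traffic crosses the NAT boundary
ip route 10.15.4.250 255.255.255.255 f0/0 1

end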

Now I can open a browser to 10.15.4.250 and it works. For any commands on the switch that reach back to my computer (TFTP), I used 192.168.1.100 as the server (tftp://192.168.1.100/startup-config) and that worked.

That’s it.
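The two static translations above, modelled as an added example (not part of the original post) to show why both are needed: the switch has no gateway, so it can only answer a source that looks on-link. The function names are hypothetical, 10.210.23.9 is a constructed second host, and the model ignores ports and routing.

```python
from ipaddress import ip_address, ip_network

# Values taken from the configuration above.
OUTSIDE_STATIC = {"192.168.1.254": "10.15.4.250"}  # outside global -> outside local
INSIDE_STATIC = {"10.210.23.8": "192.168.1.100"}   # inside local -> inside global
SWITCH_LAN = ip_network("192.168.1.0/24")          # switch default subnet, no gateway


def inside_to_outside(src, dst):
    """Packet from the WAN (NAT inside) heading out f0/0 toward the switch."""
    local_to_global = {v: k for k, v in OUTSIDE_STATIC.items()}
    return INSIDE_STATIC.get(src, src), local_to_global.get(dst, dst)


def outside_to_inside(src, dst):
    """Packet from the switch (NAT outside) heading back toward the WAN."""
    global_to_local = {v: k for k, v in INSIDE_STATIC.items()}
    return OUTSIDE_STATIC.get(src, src), global_to_local.get(dst, dst)


def switch_can_reply(peer):
    """Without a default gateway the switch only answers on-link addresses."""
    return ip_address(peer) in SWITCH_LAN


def round_trip(admin, target):
    """Return the reply as seen on the WAN, or None if the switch cannot answer."""
    src, dst = inside_to_outside(admin, target)
    if not switch_can_reply(src):
        return None
    # The reply swaps source and destination before it is translated back.
    return outside_to_inside(dst, src)


if __name__ == "__main__":
    # The translated workstation reaches the web UI at 10.15.4.250.
    print(inside_to_outside("10.210.23.8", "10.15.4.250"))
    print(round_trip("10.210.23.8", "10.15.4.250"))
    # Constructed second host with no inside static entry: no reply comes back.
    print(round_trip("10.210.23.9", "10.15.4.250"))
    # Switch-initiated TFTP to 192.168.1.100 lands on 10.210.23.8.
    print(outside_to_inside("192.168.1.254", "192.168.1.100"))
```

Because only 10.210.23.8 has an inside static entry, it is the only host that gets a reply from the switch in this model, even though 10.15.4.248/30 is advertised to the rest of the network through BGP.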
