This document provides a sample configuration for Network Address Translation (NAT) to establish a session between Cisco Transport Controller (CTC) and ONS 15454. The configuration hides the real IP address of CTC through NAT when CTC resides inside the firewall.
Note: For this procedure to work, you must ensure that the ports are not blocked or filtered.
Before you attempt this configuration, ensure that you have knowledge of these topics:
Cisco ONS 15454
Cisco Routers that support NAT
The information in this document is based on these software and hardware versions:
Cisco ONS 15454 version 5.0 and later
Cisco IOS® Software Release 12.1(11) and later
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
For more information on document conventions, refer to the Cisco Technical Tips Conventions.
The topology consists of these elements:
One Cisco ONS 15454
Two Cisco 2600 series routers
Cisco ONS 15454 resides in the external network, and acts as the server. The PC resides in the internal network, and serves as the CTC client.
In this section, you are presented with the information to configure the features described in this document.
This document uses this network setup:
This document uses these configurations:
Cisco ONS 15454
Cisco 2600 series routers
172.16.1.254 is the IP address of the PC (see arrow A in Figure 3), and 172.16.1.1 represents the default gateway (see arrow B in Figure 3). NAT translates the IP address to 10.89.239.100 for security reasons. The Cisco 2600 series router provides the necessary support for NAT and routing.Figure 3 – PC Configuration
Complete these steps to configure NAT support on the routers:
Configure the outside interface.
! interface Ethernet1/1 ip address 10.89.239.1 255.255.255.0 ip nat outside !
Configure the inside interface where the PC resides.
interface Ethernet1/2 ip address 172.16.1.1 255.255.255.0 ip nat inside !
Configure static NAT.
! ip nat inside source static 172.16.1.254 10.89.239.100 !
Issue the show ip nat translations command on the router.Figure 4 – IP NAT Translations
This section provides information you can use to confirm your configuration is working properly.
Complete these steps:
Run Microsoft Internet Explorer.
Type http://10.89.238.192 in the Address bar of the browser window, and press ENTER.
The CTC Login window appears.
Type your User Name and Password to log in.
CTC client must successfully establish a session with the ONS 15454.
This section provides information you can use to troubleshoot your configuration.
Note: Before issuing debug commands, refer to Important Information on Debug Commands.
debug ip nat detailed—turns on the IP NAT detailed trace.
The output of the debug ip nat command indicates the address translations. For example, NAT translates 172.16.1.254 to 10.89.239.100 when CTC sends data to ONS 15454 (see arrow A in Figure 5). Similarly, NAT translates 10.89.239.100 to 172.16.1.254 when CTC receives data from ONS 15454 (see arrow B in Figure 5).Figure 5 – Debug IP NAT Detailed
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.