Dual NAT with NSX

rajeevsrikant · ‎05-23-2017

Dear All

I am looking for the below scenario of Dual NAT with NSX Edge.

I have 2 similar networks.

Say Group#1 of servers - 10.10.10.0/24

Group#2 of servers - 10.10.10.0./24 ( This network is closed & not advertised)

I want servers in Group#1 to communicate with servers in Group#2 via NAT.

So i need to use to change the source & destination IP.

My understanding is that in this scenario, I need to use both Source NAT & also destination NAT.

Let me know if this is possible with NSX NAT in Edge.

Any body has done similar exercise.

smitmartijn · ‎05-24-2017

Hi,

Using both destination and source NAT at the same time is possible on a NSX Edge. However, if you want Group #1 to be able to talk to Group #2, you'd need 2 separate NSX Edges, as you'd have a routing problem otherwise. Here's an example of how it would work:

Group #1: 10.10.10.10 connects to 1.1.1.1 -> NSX Edge #1 SNAT masks to 100.100.100.10 -> NSX Edge #2 DNAT translates 1.1.1.1 to Group #2: 10.10.10.10.

Replies from group #2 would go to 1.1.1.1, which Edge #1 will DNAT translate into 10.10.10.10 again.