Forward Single Device behind NAT

Hello everyone,

I need to pull a single device behind a RB750gr3 and incorporate that device into my main network without having the network behind the NAT and the Main network broadcasting to one another.

Basically:

  1. Main network is on /22 subnet, behind a single NAT device which is the main Router/Gateway
  2. Client network is behind another NAT on /24 subnet that gets internet from the Main network.
  3. I want to pull a single device from the client network through the NAT without affecting the two networks.
  4. Client still needs to access his device on his local network & I need access to the device on the main network.

I’m not sure how to phrase this question properly, but would appreciate if someone can point me to the right documentation on the wiki.

Regards,
Antonie.

From your description I gather that you have a double-NAT scenario and are trying to permit communication between hosts on the inner and outer NAT islands.

What exactly are you trying to accomplish and are you allowed to make changes to the overall network layout? Double NAT is rarely helpful. Also, a quick diagram of the constituent pieces would be a real help.

Plan A: a colocation agreement.

Plan B: port-forward connections from the /22 network into the /24 network.

(Attachment: Untitled.jpg)
As per the attachment.

I want to incorporate the green device on the client's network to be able to talk directly to the main network past the NAT.

Only reason client has a link to the main network is for Internet. But now he wants local monitoring on his device on our side without impacting the current working state of both networks.

Ah I see; thanks for the diagram.

Does the client have a second NAT because they’re administratively not part of your organization (and also don’t coordinate addressing with you)? If that’s the case, then you probably don’t have a choice other than to port forward. It’s worth pointing out that that host won’t exactly be on the /22 LAN though. Hopefully that’s not what you’re intending by “incorporating the green device” on your /22 LAN.

If the client is more like an internal client of your organization and you coordinate address space with them, then you could just route between the two without complicating the situation with port forwarding (and you probably don’t need the NAT anyway).
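The port-forwarding route suggested above, written out as an added example for the client's RB750gr3 (RouterOS CLI; this is not configuration from the thread or from MikroTik). The interface name, addresses, the monitoring host and the port are assumed placeholders; the rules expose one port of the green device to the /22 network and nothing else.

```routeros
# Assumed placeholders (not from the thread):
#   ether1          = port facing the main /22 network, address 10.0.0.50/22
#   192.168.88.10   = the green device on the client's /24 LAN, listening on TCP 8443
#   10.0.0.7        = the monitoring host on the main network
# Existing masquerade on ether1 (the client's internet access) is left untouched.

# 1. Forward one port on the router's /22-facing address to the green device.
#    src-address limits who may even hit the NAT rule to the main /22 network.
/ip firewall nat
add chain=dstnat action=dst-nat in-interface=ether1 protocol=tcp dst-port=8443 \
    src-address=10.0.0.0/22 to-addresses=192.168.88.10 to-ports=8443 \
    comment="Main network -> green device monitoring port"

# 2. In the forward chain, accept only the translated flow from the monitoring
#    host and drop any other new connection arriving from the main network, so
#    the rest of the /24 LAN stays unreachable from the /22 side.
#    These rules must sit above any broader accept rule for ether1.
/ip firewall filter
add chain=forward action=accept in-interface=ether1 protocol=tcp \
    connection-nat-state=dstnat src-address=10.0.0.7 \
    dst-address=192.168.88.10 dst-port=8443 \
    comment="Allow only the forwarded monitoring flow"
add chain=forward action=drop in-interface=ether1 connection-state=new \
    comment="Block other unsolicited traffic from the main network"

# 3. Verify: the NAT rule counters increment when 10.0.0.7 connects to
#    10.0.0.50:8443, and the translated connection shows up in the tracker.
/ip firewall nat print stats where comment~"green device"
/ip firewall connection print where dst-address~"192.168.88.10:8443"
```

Hosts on the main network reach the device as 10.0.0.50:8443 (the router's /22 address), which is why, as noted above, it is never actually "on" the /22 LAN; the client's own /24 hosts keep using 192.168.88.10 directly.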

Yes, that's correct. I'm not responsible for his network, so I'll go the port forwarding route.

Thanks for the advice.