Static NAT between 2 VLANs on Balance router

Richard_Anderson · August 13, 2022, 5:23am

Hi,

Is there a way to create a static NAT between two VLAN subnets on a single Balance One router?

I have a situation where I have 5 WANs in use, and then there are two more connections for management, which have their own gateway, etc but don’t support routing outside their subnet. I have created the subnets on the Balance, assigned the ports to their dedicated VLANs, and enabled InterVLAN routing but that doesn’t work since the devices themselves won’t route outside their own subnet.

So can I create some static NATs so that on the regular client LAN, I can assign two IP addresses, one for each device, that NAT into the two management VLANs?

If so, how?

Balance One routers, running 8.2.1 firmware.

Thanks!

MartinLangmaid · August 13, 2022, 8:59am

No there is not. You would need to add static routes to the management devices gateway for the VLANs you want to access on the balance.

Grant_Jamieson · May 25, 2024, 3:12am

I would like to revive this topic as we have a requirement for a host on one vlan to be able to connect to a host on a seperate vlan where setting a static route is not feasible. I spoke to @PeterWest when he was last in Sydney and he said it was possible using a custom Nat policy but i have been unsuccessful in doing this. Ideally i want to be able to use the routers ip address on the vlan i am trying to connect to as the natted source ip address. Any suggestion if this is now possible?

MartinLangmaid · May 25, 2024, 5:26pm

Virtual Network mapping will fix this for you now. You will assign a new virtual IP to the devices you want to manage point it at the current IP and because the Peplink is NATting between the two the source IP the balance uses to access the device becomes local to it and a gateway is no longer needed.

Grant_Jamieson · May 27, 2024, 3:53am

Hi Martin

Thanks for that although this does not quite resolve my issue because it needs to be a ‘many to one’ nat. that is to say the host initiating the intervlan connection is not known and could have any IP in the subnet of the source vlan. Is that possible?

jakabasej5 · May 27, 2024, 5:25am

Using a custom NAT policy to achieve what you need should be possible, but it can be tricky.

MartinLangmaid · May 27, 2024, 8:48am

It doesn’t. You can use custom NAT mappings for single non sequential network IPs. Click the blue arrow then the link.

Custom 1:1 mappings are then possible:

The custom subnet can either be set to a completely different subnet or to an existing subnet. You can’t however use the LAN IPs assigned to the interfaces of the Peplink router you are configuring it on (ie the default 192.168.50.1 IP can not be used).

You migth consider staring a new thread for your question and drop in a network diagram and we can work it out.