Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5445
Views
0
Helpful
4
Replies

How to rewrite destination IP address

peter.chang
Level 1
Level 1

‎02-26-2007 06:44 PM - edited ‎03-03-2019 03:56 PM

Does anyone know how I would configure a 17x1 router, 18x1 router, or pix to perform a destination IP rewrite?

For example if host 1.2.3.4 is sending a packet to 5.6.7.8, I want to rewrite 5.6.7.8 to 9.10.11.12 . Changing the destination IP in the application is not currently possible so I want to rewrite it in transit.

The NAT commands I've looked at all appear to modify source ip addresses only, not destination. Outside NAT on the pix does not seem to do what I need either.

Thanks.

Labels:
0 Helpful
4 Replies 4

eigrp90
Level 1
Level 1

‎02-26-2007 08:19 PM

following link is FYI.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f8e.shtml

This example exactly rewrite the destination IP. hope it could be helpful for you.

0 Helpful

peter.chang
Level 1
Level 1
In response to eigrp90

‎02-26-2007 08:41 PM

Thank you for the reply. This doesn't seem to do exactly what I have in mind. Let me try to clarify:

1. I actually have multiple source hosts talking to one specific destination IP address.

2. I want to configure the router or pix so that one specific source host talks to a different destination IP address without touching the source host.

3. All hosts go to the same router on the other end of the link over which I have no control.

So I need to rewrite the destination IP address inside the packet without mofidying the source host. Based on the example at the link provided above it would seem that I need to configure routers on both ends of the link, but I cannot do that.

I think DNAT with netfilter or ipchains in Linux can accomplish what I am trying to do, but adding another box is not an option. Adding another Cisco device might be.

Thanks.

0 Helpful

dradhika
Cisco Employee
Cisco Employee
In response to peter.chang

‎02-26-2007 11:08 PM

Hi,

I am not sure if I understand your 2nd and 3rd points.

As per the original mail,my understanding is - when ever a packet crosses your router and destined to 5.6.7.8 the destination ip needs to be changed to 9.10.11.12.

In that case the following cli might help you,

ip nat outside source static 9.10.11.12 5.6.7.8

when a packet from outside enters inside network and has the source address as 9.10.11.12 the source address will be changed to 5.6.7.8

and

when a packet from inside goes outside and if the destination is 5.6.7.8 , the destination will be changed to 9.10.11.12

Copying the debug messages from my device

Test#sh ip nat tr

Pro Inside global Inside local Outside local Outside global

--- --- --- 5.6.7.8 9.10.11.12

Test#ping 5.6.7.8 source $inside interface

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 5.6.7.8, timeout is 2 seconds:

Packet sent with a source address of 1.1.1.13

*Feb 26 05:47:10.290: NAT: s=1.1.1.13, d=5.6.7.8->9.10.11.12 [30].

*Feb 26 05:47:12.290: NAT: s=1.1.1.13, d=5.6.7.8->9.10.11.12 [31].

*Feb 26 05:47:14.290: NAT: s=1.1.1.13, d=5.6.7.8->9.10.11.12 [32].

*Feb 26 05:47:16.290: NAT: s=1.1.1.13, d=5.6.7.8->9.10.11.12 [33].

*Feb 26 05:47:18.290: NAT: s=1.1.1.13, d=5.6.7.8->9.10.11.12 [34].

Let me know if this helps you .

Thanks,

Radhika

0 Helpful

peter.chang
Level 1
Level 1
In response to dradhika

‎02-27-2007 02:01 PM

This might do what I need after all. I will test and update when I confirm that this works.

Thanks,

Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card