Solved: IP Nat Inside Source Static

mikntwd49508 · ‎07-05-2007

I would like to add the following configuration to FastEthernet0/1.200.

"IP Nat Inside Source Static 10.1.0.11 216.x.x.x" (x=hidden numerical value for purpose of this forum/internet).

HOWEVER,

current assignment is configured as:

ip http server

ip http authentication local

ip http secure-server

ip nat inside source list NAT interface FastEthernet0/1.200 overload

ip nat inside source static 10.1.0.10 216.109.x.x (x=hidden values for purpose of this forum/internet).

*** When I attempted to add the new value, a error message appeared stating another entry for this IP address already exists; 216.109.x.x.

Can I configure same interface with two private ip addresses to allow dns & mail?

dradhika · ‎07-05-2007

Can you try using the dynamic rules as below?

ip nat pool pool1 216.109.x.10 216.109.x.10 prefi 30

ip nat inside source list 1 pool pool1

access-list contain permit 0.10 and 0.11

I think this one solves your problem.

HTH,

Radhika

View solution in original post

Jon Marshall · ‎07-05-2007

Hi

Can you add the keyword "extendable" to each of your "ip nat source static ..." commands. eg

ip nat inside source static 10.1.0.10 216.109.x.x extendable

etc.

This allows the router to use port number for mappings as well which should allow it to resolves 2 private addresses to the same public.

HTH

Jon

mikntwd49508 · ‎07-05-2007

Ok, i just entered:

ip nat inside source static 10.1.0.10 216.109.x.x extendable. After entering it, it appears to have accepted it.

Then I entered:

ip nat inside source static 10.1.0.11 216.109.x.x

I got the following error:

DPI-CME-2811(config)#$de source static 10.1.0.11 216.109.x.x extendable

% similar static entry (10.1.0.10 -> 216.109.202.34) already exists

DPI-CME-2811(config)#

Jon Marshall · ‎07-05-2007

Hi

Sorry, was just editing my previous reply

ip nat inside source static tcp 10.1.0.10 25 216.109.x.x 25 extendable

ip nat inside source static udp 10.1.0.11 53 216.109.x.x 53 extendable

This obviously covers mail and DNS but i don't know which port goes with which server.

Jon

mikntwd49508 · ‎07-05-2007

I appreciate the prompt replies and information.

I am a little confused.

In your recent reply, you indicate two private IP addresses; each one having a separate port number to reflect that service.

wouldn't I create two entries as follows because the *.11 is new mail server:

ip nat inside source static tcp 10.1.0.11 25 216.109.x.x 25 extendable

ip nat inside source static udp 10.1.0.11 53 216.109.x.x 53 extendable

?

Jon Marshall · ‎07-05-2007

Hi

I'm a little confused now. I though that was what you wanted ie. to map 2 private IP addresses to the same public IP.

Jon

mikntwd49508 · ‎07-05-2007

YES. :-)

Currently,

ip nat inside source static 10.1.0.10 216.109.x.x.

I want to add a new mail server, 10.1.0.11 so it can be accessed via internet.

I was trying to add:

ip nat inside source static 10.1.0.11 216.109.x.x. but received error.

Jon Marshall · ‎07-05-2007

Okay

Can you provide details of excatly what you want to re port numbers and private IP addresses.

I'm assuming you are using the same public IP address ?

Jon

dradhika · ‎07-05-2007