NAT on a stick perhaps?

Answered Question
Nov 27th, 2007
User Badges:

Hi all

I've got a requirement where hosts on the

same segment must talk to other hosts on the same segment via another address.

source ip dest ip but dest is really

This is for DR as the hosts are replicas of production but with different ip addresses with the same application configurations. I tried to create a loopback address and designate that as the outside interface for nat and the LAN interface as the inside. I then added a static nat for the translation and a static route to point to the loopback. I'm wondering if this approach would work.

Thanks in advance

Correct Answer by paolo bevilacqua about 9 years 4 months ago


this would be your configuration example:

Hope this helps, please rate post if it does!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
u0087672js Thu, 11/29/2007 - 13:26
User Badges:

Maybe try putting a secondary IP address in the range on the interface that the device connects to.

nhon.yeung Thu, 11/29/2007 - 17:54
User Badges:

Thanks.. i found this as well, initially i wanted to avoid using pbr but it looks like i have to, either that or use a dedicated nat router.

nhon.yeung Thu, 11/29/2007 - 19:09
User Badges:

I spoke too soon.. i think i'm getting myself confused.. this is what i want

NAT: s:, d: ->

i'm not too if this can be done with PBR or NAT on a stick. i believe i'll need to NAT for both the source and destination otherwise i'll get duplicate ip issues.

s.arunkumar Thu, 11/29/2007 - 20:20
User Badges:
  • Bronze, 100 points or more

Is that ur application want the packet for be diverted to host on the the segment??

if so,i dont know if the following solution a blunder,since i am assuming your senario,

Instead of nat,Create an static arp entry for with mac of ,so that the frame diverted towards device with ip

and that device should be configured with secondary address

nhon.yeung Thu, 11/29/2007 - 21:03
User Badges:

yep that's what i want to do,

the problem is that the host can't take secondary address.. this was my first option.

anyway is there a way i can do a source and destination nat along with pbr to do this?

so s: ->, d: ->


This Discussion