04-05-2008 12:35 PM
Hello,
I have a static NAT configured on my ACE that translates an internal IP to an external IP, but I want the same internal IP to maintain its IP when destined to a certain network. It's the same concept that is used on PIX/ASA with a nonat rule (nat 0). Any ideas on how to accomplish this?
Here's my static NAT config:
class-map match-all cmap-static-10.20.1.10
2 match source-address 10.20.1.10 255.255.255.255
!
policy-map multi-match pmap-nat-vl4001
class cmap-static-10.20.1.10
nat static 5.5.5.5 netmask 255.255.255.255 vlan 501
!
interface vlan 4001
service-policy input pmap-nat-vl4001
Thanks,
Lee
Solved! Go to Solution.
04-07-2008 01:43 AM
Lee,
basically you need to change the match source-address into a match ACL and create an ACL that deny the destination ip for which you want no nating and permit the rest.
Gilles.
04-07-2008 01:43 AM
Lee,
basically you need to change the match source-address into a match ACL and create an ACL that deny the destination ip for which you want no nating and permit the rest.
Gilles.
11-29-2011 12:15 PM
I hate to drudge up an old post, but this sounds exactly like an issue I am researching and I was wondering if anyone could help expand on this.
I have a serverfarm that I want everyone to hit with NAT'd addresses except for two IP's, but when I attempt to add a "match access-list" the class-map (which already has a match virtual-address), I get an error that I can not add other match types.
class-map match-all VIP_HOST1
2 match virtual-address 172.1.1.100 any
Basically I have a serverfarm (HOST1.domain.com) that has two rservers (10.1.1.101 and 10.1.1.102) that use VIP 172.1.1.100. I have two other servers (10.1.1.201 and 10.1.1.202) that will use the VIP of HOST1, but I do not wish for those two IP's to get NAT'd.
Thanks for any assistance!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide