nat question

Answered Question
May 1st, 2008
User Badges:

Hi all,


i've got this situation:

policy src nat from 1 specific IP to some other, it works, if i contact from 1.1.1.1 --> 2.2.2.2 port 23 i've translated src 1.1.1.1 to 3.3.3.3 and if i contact 1.1.1.1 --> 4.4.4.4 port 22 i've translated src 1.1.1.1 to 5.5.5.5.


But i need also comunication from 7.7.7.7 to my 1.1.1.1 port 23 and 8.8.8.8 to my 1.1.1.1 port 23 translation. I mean 7.7.7.7 contact my real 1.1.1.1 but pointing to address 9.9.9.9 and 8.8.8.8 contact my 1.1.1.1 but pointing to address 10.10.10.10.


so i need a kind of policy NAT from outside world destination point of view.


do you think is possible?


thk


dan

Correct Answer by sundar.palaniappan about 8 years 11 months ago

Dan,


If I understood your requirement correctly you should be able to get this to work by using route maps with static translations. It's a cool feature and I can see it working. Try this and let us know how you did.


ip nat inside source static 1.1.1.1 3.3.3.3 route-map test

ip nat inside source static 1.1.1.1 9.9.9.9 route-map test2


route-map test

match ip address 150


route-map test2

match ip address 160


access-list 150 permit tcp host 1.1.1.1 host 2.2.2.2 eq 23


access-list 160 permit tcp host 7.7.7.7 host 9.9.9.9 eq 23


HTH


Sundar



Correct Answer by amritpatek about 8 years 11 months ago

For the configuration nat for Outside-to-Inside Support Design follow the steps :

1. enable

2. configure terminal

3. ip nat pool name start-ip end-ip netmask netmask

4. ip nat pool name start-ip end-ip netmask netmask

5. ip nat inside source rout-map name pool name [reversible]

6. ip nat inside source rout-map name pool name [reversible]

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
amritpatek Wed, 05/07/2008 - 13:49
User Badges:
  • Silver, 250 points or more

For the configuration nat for Outside-to-Inside Support Design follow the steps :

1. enable

2. configure terminal

3. ip nat pool name start-ip end-ip netmask netmask

4. ip nat pool name start-ip end-ip netmask netmask

5. ip nat inside source rout-map name pool name [reversible]

6. ip nat inside source rout-map name pool name [reversible]

Correct Answer
sundar.palaniappan Wed, 05/07/2008 - 15:51
User Badges:
  • Green, 3000 points or more

Dan,


If I understood your requirement correctly you should be able to get this to work by using route maps with static translations. It's a cool feature and I can see it working. Try this and let us know how you did.


ip nat inside source static 1.1.1.1 3.3.3.3 route-map test

ip nat inside source static 1.1.1.1 9.9.9.9 route-map test2


route-map test

match ip address 150


route-map test2

match ip address 160


access-list 150 permit tcp host 1.1.1.1 host 2.2.2.2 eq 23


access-list 160 permit tcp host 7.7.7.7 host 9.9.9.9 eq 23


HTH


Sundar



Actions

This Discussion