Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
250
Views
0
Helpful
2
Replies

nat question

Go to solution
danilodicesare
Level 1
Level 1

‎05-01-2008 05:20 AM - edited ‎03-03-2019 09:47 PM

Hi all,

i've got this situation:

policy src nat from 1 specific IP to some other, it works, if i contact from 1.1.1.1 --> 2.2.2.2 port 23 i've translated src 1.1.1.1 to 3.3.3.3 and if i contact 1.1.1.1 --> 4.4.4.4 port 22 i've translated src 1.1.1.1 to 5.5.5.5.

But i need also comunication from 7.7.7.7 to my 1.1.1.1 port 23 and 8.8.8.8 to my 1.1.1.1 port 23 translation. I mean 7.7.7.7 contact my real 1.1.1.1 but pointing to address 9.9.9.9 and 8.8.8.8 contact my 1.1.1.1 but pointing to address 10.10.10.10.

so i need a kind of policy NAT from outside world destination point of view.

do you think is possible?

thk

dan

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
amritpatek
Level 6
Level 6

‎05-07-2008 01:49 PM

For the configuration nat for Outside-to-Inside Support Design follow the steps :

1. enable

2. configure terminal

3. ip nat pool name start-ip end-ip netmask netmask

4. ip nat pool name start-ip end-ip netmask netmask

5. ip nat inside source rout-map name pool name [reversible]

6. ip nat inside source rout-map name pool name [reversible]

View solution in original post

0 Helpful

Go to solution
sundar.palaniappan
Level 10
Level 10

‎05-07-2008 03:51 PM

Dan,

If I understood your requirement correctly you should be able to get this to work by using route maps with static translations. It's a cool feature and I can see it working. Try this and let us know how you did.

ip nat inside source static 1.1.1.1 3.3.3.3 route-map test

ip nat inside source static 1.1.1.1 9.9.9.9 route-map test2

route-map test

match ip address 150

route-map test2

match ip address 160

access-list 150 permit tcp host 1.1.1.1 host 2.2.2.2 eq 23

access-list 160 permit tcp host 7.7.7.7 host 9.9.9.9 eq 23

HTH

Sundar

View solution in original post

0 Helpful
2 Replies 2

Go to solution
amritpatek
Level 6
Level 6

‎05-07-2008 01:49 PM

For the configuration nat for Outside-to-Inside Support Design follow the steps :

1. enable

2. configure terminal

3. ip nat pool name start-ip end-ip netmask netmask

4. ip nat pool name start-ip end-ip netmask netmask

5. ip nat inside source rout-map name pool name [reversible]

6. ip nat inside source rout-map name pool name [reversible]

0 Helpful

Go to solution
sundar.palaniappan
Level 10
Level 10

‎05-07-2008 03:51 PM

Dan,

If I understood your requirement correctly you should be able to get this to work by using route maps with static translations. It's a cool feature and I can see it working. Try this and let us know how you did.

ip nat inside source static 1.1.1.1 3.3.3.3 route-map test

ip nat inside source static 1.1.1.1 9.9.9.9 route-map test2

route-map test

match ip address 150

route-map test2

match ip address 160

access-list 150 permit tcp host 1.1.1.1 host 2.2.2.2 eq 23

access-list 160 permit tcp host 7.7.7.7 host 9.9.9.9 eq 23

HTH

Sundar

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card