Destiantion and Souce Natting at the same time

Unanswered Question
May 22nd, 2008

I have a router with e0 and s0.

There are packets arriving on e0 with destination & from any source. I want to change the destination address to and statically respectively.

Packet destined for other destination sholud left untough. Also at the same time I want to do PATTING for the any source IP address to which is my loopback1 IP address

So in short,

source any - PAT -

Destination - NAT -

Destination - NAT -

Destination other - NAT - Destination other.

What will be required config for this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (4 ratings)
Paolo Bevilacqua Thu, 05/22/2008 - 13:17

This is done with route-maps and is described in the NAT configuration guide. Basically you will have as many nat statements as many specialized "classes" you have.

Hope this helps, please rate post i it does!

config_raval Thu, 05/22/2008 - 13:27

Thanks, Paolo for your answer.

Is this possible using this configuration? Do I need to use route map for this?Unfortunately, I am unable to test this in lab environment.

interface e0

ip nat inside

interface s0

ip nat outside

ip nat outside source static

ip nat outside source static

ip nat inside source list 1 interface loopback1 overload

config_raval Thu, 05/22/2008 - 14:52

Are you sure as I want to translates the destination of the IP packets that travel from inside interface to outside interface.

raviprakash_leo Thu, 05/22/2008 - 22:38

IP nat outside should be the command. If you use IP nat inside the packets coming from outside to inside will be translated. You want translation for inside outside correct?

Oh and let me add, the statement will send traffic destined to and recieved on e0 to s0 after changing the destination to and respectivley.

lamav Fri, 05/23/2008 - 03:09

There seems to be some confusion regarding the default behavior of NAT and its configuration.

By default, the purpose of Network Address Translations is to translate the SOURCE address of a packet that may be received by either the "inside" interface or "outside" interface. Either way, it's the SOURCE address that's translated.

The difference between the 2 is reflected in the configuration.

For example, the command

ip nat inside source static

will inspect the packet received on the "inside" NAT interface and translate the source IP address from to

On the other hand, the command

ip nat outside source static

will inspect the packet received on the "outside" NAT interface and translate the source address from to

Notice that in either case, it is the SOURCE address that is NAT'ed. The difference is in the direction of traffic flow -- either coming from the outside and heading toward the inside (outside-to-inside) or coming from the inside and heading toward the outside (inside-to-outside). That difference in direction is also reflected in the order of operations.

Now, if you would like to perform a special case of NATing the destination address of packets received on the "inside" NAT interface, you would use the following command:

ip nat inside destination { list pool | static }

This command is similar to the source translation command. For dynamic destination translation to make any sense, the pool should be a rotary-type pool.



config_raval Sun, 05/25/2008 - 18:33

Just giving my feedback for above given config in my earlier post....

I tried this in production and it works as I wanted.


Thanks for your explanation. My earlier understanding about NAT was same as described by you. But 'ip nat outside' command does change the destination IP address. For more information please see the link below.

Also, I really appreciate your effort of being a good contributor to Netpro.


This Discussion