05-22-2008 10:01 AM - edited 03-03-2019 10:03 PM
I have a router with e0 and s0.
There are packets arriving on e0 with destination 10.1.1.1 & 10.1.1.2 from any source. I want to change the destination address to 10.2.2.1 and 10.2.2.2 statically respectively.
Packet destined for other destination sholud left untough. Also at the same time I want to do PATTING for the any source IP address to 10.3.3.3 which is my loopback1 IP address
So in short,
source any - PAT - 10.3.3.3(loopback1)
Destination 10.1.1.1 - NAT - 10.2.2.1
Destination 10.1.1.2 - NAT - 10.2.2.2
Destination other - NAT - Destination other.
What will be required config for this?
05-22-2008 01:17 PM
This is done with route-maps and is described in the NAT configuration guide. Basically you will have as many nat statements as many specialized "classes" you have.
Hope this helps, please rate post i it does!
05-22-2008 01:27 PM
Thanks, Paolo for your answer.
Is this possible using this configuration? Do I need to use route map for this?Unfortunately, I am unable to test this in lab environment.
interface e0
ip nat inside
interface s0
ip nat outside
ip nat outside source static 10.2.2.1 10.1.1.1
ip nat outside source static 10.2.2.2 10.1.1.2
ip nat inside source list 1 interface loopback1 overload
05-22-2008 01:34 PM
I think it should be ip nat inside for all cases.
05-22-2008 02:52 PM
Are you sure as I want to translates the destination of the IP packets that travel from inside interface to outside interface.
05-22-2008 10:38 PM
IP nat outside should be the command. If you use IP nat inside the packets coming from outside to inside will be translated. You want translation for inside outside correct?
Oh and let me add, the statement will send traffic destined to 10.1.1.1 and 10.1.1.2 recieved on e0 to s0 after changing the destination to 10.2.2.1 and 10.2.2.2 respectivley.
05-23-2008 03:09 AM
There seems to be some confusion regarding the default behavior of NAT and its configuration.
By default, the purpose of Network Address Translations is to translate the SOURCE address of a packet that may be received by either the "inside" interface or "outside" interface. Either way, it's the SOURCE address that's translated.
The difference between the 2 is reflected in the configuration.
For example, the command
ip nat inside source static 1.1.1.1 2.2.2.2
will inspect the packet received on the "inside" NAT interface and translate the source IP address from 1.1.1.1 to 2.2.2.2.
On the other hand, the command
ip nat outside source static 2.2.2.2 1.1.1.1
will inspect the packet received on the "outside" NAT interface and translate the source address from 2.2.2.2 to 1.1.1.1
Notice that in either case, it is the SOURCE address that is NAT'ed. The difference is in the direction of traffic flow -- either coming from the outside and heading toward the inside (outside-to-inside) or coming from the inside and heading toward the outside (inside-to-outside). That difference in direction is also reflected in the order of operations.
Now, if you would like to perform a special case of NATing the destination address of packets received on the "inside" NAT interface, you would use the following command:
ip nat inside destination { list
This command is similar to the source translation command. For dynamic destination translation to make any sense, the pool should be a rotary-type pool.
HTH
Victor
05-25-2008 06:33 PM
Just giving my feedback for above given config in my earlier post....
I tried this in production and it works as I wanted.
Victor,
Thanks for your explanation. My earlier understanding about NAT was same as described by you. But 'ip nat outside' command does change the destination IP address. For more information please see the link below.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f8e.shtml
Also, I really appreciate your effort of being a good contributor to Netpro.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide