NAT Pool on Cisco router

Answered Question
Jul 8th, 2008

I am configuring a Cisco Router and would like to do NAT so there is a one to one translation from the inside private network to outside public network.

For this example lets assume that 10.10.10.0/24 is a block of public IP's and 192.168.1.0/24 is my private. I'd like the addresses to translate as:

192.168.1.1 -> 10.10.10.1

192.168.1.2 -> 10.10.10.2

...

...

192.168.1.25 -> 10.10.10.25

...

192.168.1.99 -> 10.10.10.99

...etc

Is there a way to do this on 3825 router? It's easy to do on ASA or PIX but reading through the Cisco documents it looks like the routers randomly assign an IP from a pool. I need the last octet of the IP to match on the translation so I can track down which user got which public IP.

Correct Answer by a.alekseev about 8 years 7 months ago

R1(config)#ip nat inside source static network ?

A.B.C.D Inside local network

ip nat inside source static network 192.168.1.0 10.10.10.0 /24

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Collin Clark Tue, 07/08/2008 - 06:53

ip nat inside source static 10.10.10.1 192.168.1.1

ip nat inside source static 10.10.10.2 192.168.1.2

....

....

Hope that helps.

vman1976nj Tue, 07/08/2008 - 07:06

Thanks, thats one way to do it but I don't want to have to enter that statement 255 times. I'm hoping theres a way to NAT the entire network in 1 statement.

Collin Clark Tue, 07/08/2008 - 07:08

I agree, but it's the only way I know of. If there's a better way to do it, hopefully we'll hear how. How do you do it on an ASA?

vman1976nj Tue, 07/08/2008 - 07:22

On ASA I'd do:

static (inside,outside) 10.10.10.0 192.168.1.0 netmask 255.255.255.0

but its a whole different animal.

I think a.alekseev's suggestion is going to work. I'll test it out and report back.

Correct Answer
a.alekseev Tue, 07/08/2008 - 06:55

R1(config)#ip nat inside source static network ?

A.B.C.D Inside local network

ip nat inside source static network 192.168.1.0 10.10.10.0 /24

vman1976nj Tue, 07/08/2008 - 07:17

This looks like exactly what I needed. I'm going to test it out later and report back. Thanks for the help.

vman1976nj Tue, 07/08/2008 - 11:37

Worked like a charm on in my production environment. Thanks for the help.

Collin Clark Tue, 07/08/2008 - 08:07

Do you have a configuration example? It does not map the fourth octet for the one-one NAT translation, but I may not have it configured correctly.

Actions

This Discussion