NAT Pool on Cisco router

Answered Question
Jul 8th, 2008
User Badges:

I am configuring a Cisco Router and would like to do NAT so there is a one to one translation from the inside private network to outside public network.


For this example lets assume that 10.10.10.0/24 is a block of public IP's and 192.168.1.0/24 is my private. I'd like the addresses to translate as:


192.168.1.1 -> 10.10.10.1

192.168.1.2 -> 10.10.10.2

...

...

192.168.1.25 -> 10.10.10.25

...

192.168.1.99 -> 10.10.10.99

...etc


Is there a way to do this on 3825 router? It's easy to do on ASA or PIX but reading through the Cisco documents it looks like the routers randomly assign an IP from a pool. I need the last octet of the IP to match on the translation so I can track down which user got which public IP.



Correct Answer by a.alekseev about 8 years 11 months ago

R1(config)#ip nat inside source static network ?

A.B.C.D Inside local network


ip nat inside source static network 192.168.1.0 10.10.10.0 /24

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Collin Clark Tue, 07/08/2008 - 06:53
User Badges:
  • Purple, 4500 points or more

ip nat inside source static 10.10.10.1 192.168.1.1

ip nat inside source static 10.10.10.2 192.168.1.2

....

....


Hope that helps.


vman1976nj Tue, 07/08/2008 - 07:06
User Badges:

Thanks, thats one way to do it but I don't want to have to enter that statement 255 times. I'm hoping theres a way to NAT the entire network in 1 statement.

Collin Clark Tue, 07/08/2008 - 07:08
User Badges:
  • Purple, 4500 points or more

I agree, but it's the only way I know of. If there's a better way to do it, hopefully we'll hear how. How do you do it on an ASA?

vman1976nj Tue, 07/08/2008 - 07:22
User Badges:

On ASA I'd do:


static (inside,outside) 10.10.10.0 192.168.1.0 netmask 255.255.255.0


but its a whole different animal.


I think a.alekseev's suggestion is going to work. I'll test it out and report back.

Correct Answer
a.alekseev Tue, 07/08/2008 - 06:55
User Badges:
  • Gold, 750 points or more

R1(config)#ip nat inside source static network ?

A.B.C.D Inside local network


ip nat inside source static network 192.168.1.0 10.10.10.0 /24

vman1976nj Tue, 07/08/2008 - 07:17
User Badges:

This looks like exactly what I needed. I'm going to test it out later and report back. Thanks for the help.

vman1976nj Tue, 07/08/2008 - 11:37
User Badges:

Worked like a charm on in my production environment. Thanks for the help.

Collin Clark Tue, 07/08/2008 - 08:07
User Badges:
  • Purple, 4500 points or more

Do you have a configuration example? It does not map the fourth octet for the one-one NAT translation, but I may not have it configured correctly.

Actions

This Discussion