Cisco NAT like proxy

Answered Question

Hi!


I have a task to configure IOS NAT like proxy-server:

Local net Cisco ISR

[10.0.0.1/24]--------[Internet-30.0.0.1]


Every packet from local network 10.0.0.1/24 to cisco's inside interface 10.0.0.1 port 445 should be redirected to Internet address 30.0.0.1 with source address 20.0.0.1 (cisco's outside interface). How can I do that?

I try this:


ip nat ip nat outside source static tcp 30.0.0.1 445 10.0.0.1 445

ip nat inside source list TO-INET interface GigabitEthernet0/0 overload

ip access ext TO-INET

perm tcp host 10.0.0.1 host 30.0.0.1


It doesn't work.

Correct Answer by tdrais about 8 years 10 months ago

Your nat is correct except that nat only occurs as the traffic passes from a inside to outside interface... at least in your case.


Since the traffic is sent to the routers ip itself it does not even leve the inside interface.


You should be able to policy route the traffic to the outside interface to cause the nat to occur. You will want to set the nexthop to be the router of your ISP.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
tdrais Tue, 07/22/2008 - 05:18
User Badges:
  • Blue, 1500 points or more

Your nat is correct except that nat only occurs as the traffic passes from a inside to outside interface... at least in your case.


Since the traffic is sent to the routers ip itself it does not even leve the inside interface.


You should be able to policy route the traffic to the outside interface to cause the nat to occur. You will want to set the nexthop to be the router of your ISP.

ajay_bhard2002 Wed, 07/23/2008 - 13:20
User Badges:

#ip nat ip nat outside source static tcp 30.0.0.1 445 10.0.0.1 445

#ip nat inside source list TO-INET interface GigabitEthernet0/0 overload

#access-list ext

#access-list permit tcp host 10.0.0.1 host 30.0.0.1

ajay_bhard2002 Wed, 07/23/2008 - 13:21
User Badges:

Try with the commands what i have replied ,if it does not work.please feel free to come back with the query.

Actions

This Discussion