Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
711
Views
0
Helpful
6
Replies

Cisco NAT like proxy

Go to solution
paa
Level 1
Level 1

‎07-22-2008 12:46 AM - edited ‎03-03-2019 10:50 PM

Hi!

I have a task to configure IOS NAT like proxy-server:

Local net Cisco ISR

[10.0.0.1/24]----[[10.0.0.1]-[20.0.0.1]]----[Internet-30.0.0.1]

Every packet from local network 10.0.0.1/24 to cisco's inside interface 10.0.0.1 port 445 should be redirected to Internet address 30.0.0.1 with source address 20.0.0.1 (cisco's outside interface). How can I do that?

I try this:

ip nat ip nat outside source static tcp 30.0.0.1 445 10.0.0.1 445

ip nat inside source list TO-INET interface GigabitEthernet0/0 overload

ip access ext TO-INET

perm tcp host 10.0.0.1 host 30.0.0.1

It doesn't work.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
tdrais
Level 7
Level 7
In response to andrew.prince

‎07-22-2008 05:18 AM

Your nat is correct except that nat only occurs as the traffic passes from a inside to outside interface... at least in your case.

Since the traffic is sent to the routers ip itself it does not even leve the inside interface.

You should be able to policy route the traffic to the outside interface to cause the nat to occur. You will want to set the nexthop to be the router of your ISP.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
andrew.prince
Level 10
Level 10

‎07-22-2008 05:03 AM

Which platform are you using, what version of IOS are you running?

0 Helpful

Go to solution
tdrais
Level 7
Level 7
In response to andrew.prince

‎07-22-2008 05:18 AM

Your nat is correct except that nat only occurs as the traffic passes from a inside to outside interface... at least in your case.

Since the traffic is sent to the routers ip itself it does not even leve the inside interface.

You should be able to policy route the traffic to the outside interface to cause the nat to occur. You will want to set the nexthop to be the router of your ISP.

0 Helpful

Go to solution
paa
Level 1
Level 1
In response to tdrais

‎07-22-2008 08:27 PM

Thanks for you reply. I find order in witch NAT works with ip-packets - it is a great technical confiramtion of your words.

0 Helpful

Go to solution
ajay_bhard2002
Level 1
Level 1

‎07-23-2008 01:20 PM

#ip nat ip nat outside source static tcp 30.0.0.1 445 10.0.0.1 445

#ip nat inside source list TO-INET interface GigabitEthernet0/0 overload

#access-list ext

#access-list permit tcp host 10.0.0.1 host 30.0.0.1

0 Helpful

Go to solution
ajay_bhard2002
Level 1
Level 1
In response to ajay_bhard2002

‎07-23-2008 01:21 PM

Try with the commands what i have replied ,if it does not work.please feel free to come back with the query.

0 Helpful

Go to solution
paa
Level 1
Level 1
In response to ajay_bhard2002

‎07-23-2008 08:27 PM

You are right, if traffic will be addressed to some host in outside network. In may case, traffic addressed to cisco's inside interface.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card