Destination NAT

Unanswered Question
Nov 29th, 2008


internet -(fa0)Router-(fa1)-



FastEthernet0 -

I have a nat overload.

I have on the network a web server: (https)

ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0 overload

ip nat inside source static tcp 443 443 extendable

interface FastEthernet0

ip address

ip nat outside

interface FastEthernet1

ip address

ip nat inside

interface FastEthernet2

ip address

ip nat inside

interface FastEthernet3

ip address

ip nat inside

So, everything that comes from internet with destination port 443 and destination address is directed to my web server inside at, that listen on 443.

How can I make that all the hosts from and with destination port 443 with destination address to go to the same

I want to do something like destination nat in linux: everything that comes from a source IP/port with destination IP/port to go to a server that I want? is also DNS server, it is my webmail:

So when I access my webserver from my inside subnets, my dns will resolve with

Thank U!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Mon, 12/01/2008 - 15:08

Are you sure you want destination NAT. From your description it sounds like you want Policy Based Routing ie.

"everything that comes from a source IP/port with destination IP/port to go to a server that I want?"

Could you elaborate on what exactly you want ?


Spinu Viorel Mon, 12/01/2008 - 15:24

in linux I think it is called DNAT(destination nat).

I did some cisco documentation reading and I realy don't know what I want: policy-map, route map, port-map...I am confused.

I want traffic sourced from with destination my web server port 443 to go to, and the other traffic, other than 443, to go to my outside interface and then to Internet. So yes, looks like Policy Based Routing.

I have also a dilema: is also my DNS server; the host from will use this DNS; so when I will try to access , my DNS will resolve it with, so how will the traffic be routed back to the ?

I hope U understand my question, and thank u for your time!


This Discussion