Destination NAT - IOS router - traffic inside

Unanswered Question
Dec 30th, 2008
User Badges:

I'm having an issue using a destination nat. I'm not sure if this is the best way to do it.

I have a static nat in place mapping a public ip to internal ip All is working well.

Howerver I need the public ip to be accessible to all clients on the internal network. (DB programers hard corded IPs into there program).

Currently I can't ping the public address of the static nat internally.

What type of nat / acl do i need to put in place to get this to work?

Any documentation or advice would be helpful.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
John Blakley Wed, 12/31/2008 - 11:32
User Badges:
  • Purple, 4500 points or more

You may be able to use policy based routing. Create an access-list permitting all of your internal subnet to the one internal host, but do it by public IP.

ip access-list ext TRANSLATE

permit ip host

Then create your route map that forces all of those hosts going to that destination to the internal address instead.

(From memory )

route-map INTERNAL permit 5

match ip address TRANSLATE

set ip next-hop <--your internal server ip.

Again, I don't know if this will work, but it might.




This Discussion