Jon Marshall Tue, 03/17/2009 - 04:51

Raj

On a router no. You can translate multiple outside IP's to a range of inside IP's but not just one as there is no "overload" keyword option when doing "ip nat outside ..."

On a Pix/ASA yes this is very easy to do.

Jon

adamclarkuk_2 Tue, 03/17/2009 - 04:57

Hi

[Edit]

Sorry, Jon is right, I missed the no overload option.

You can do this.

By doing ip nat inside source list x interface x overload for example, you are doing source address translation. You need to do destination address translation using the ip nat outside command:-

ip nat outside source list x pool x

If oyu only define a single IP address in your pool, then you have got what you need.

IP NAT outside config guide.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f8e.shtml

Jon Marshall Tue, 03/17/2009 - 05:04

Adam

Must admit i have never understood why this functionality is not available on a router.

I have used this functionality on a Pix/Asa quite a few times and it can be quite handy in certain cases.

Perhaps i should just submit a feature request :-)

Jon

Jon Marshall Tue, 03/17/2009 - 05:30

Lets say you wanted to translate all outside addresses with a source of 192.168.5.0/24 to 172.16.10.1 on the inside

nat (outside) 1 192.168.5.0 255.255.255.0 outside

global (inside) 1 172.16.10.1

Jon

rajeshk200_2 Tue, 03/17/2009 - 06:16

Jon,

Thanks for the response

Is this works along with inside IP translation as well, I mean both way translation concurrently.

nat (inside) 1 0 0

global (outside) 192.168.6.1

Thanks,

Raj

Jon Marshall Tue, 03/17/2009 - 08:11

Raj

Yes it should do but to be on the safe use a different NAT id ie.

nat (outside) 2 ...

global (inside) 2

Jon

Actions

This Discussion