Jon Marshall Tue, 03/17/2009 - 04:51


On a router no. You can translate multiple outside IP's to a range of inside IP's but not just one as there is no "overload" keyword option when doing "ip nat outside ..."

On a Pix/ASA yes this is very easy to do.


adamclarkuk_2 Tue, 03/17/2009 - 04:57



Sorry, Jon is right, I missed the no overload option.

You can do this.

By doing ip nat inside source list x interface x overload for example, you are doing source address translation. You need to do destination address translation using the ip nat outside command:-

ip nat outside source list x pool x

If oyu only define a single IP address in your pool, then you have got what you need.

IP NAT outside config guide.

Jon Marshall Tue, 03/17/2009 - 05:04


Must admit i have never understood why this functionality is not available on a router.

I have used this functionality on a Pix/Asa quite a few times and it can be quite handy in certain cases.

Perhaps i should just submit a feature request :-)


Jon Marshall Tue, 03/17/2009 - 05:30

Lets say you wanted to translate all outside addresses with a source of to on the inside

nat (outside) 1 outside

global (inside) 1


rajeshk200_2 Tue, 03/17/2009 - 06:16


Thanks for the response

Is this works along with inside IP translation as well, I mean both way translation concurrently.

nat (inside) 1 0 0

global (outside)



Jon Marshall Tue, 03/17/2009 - 08:11


Yes it should do but to be on the safe use a different NAT id ie.

nat (outside) 2 ...

global (inside) 2



This Discussion