PAT and Static NAT for same Subnet

Unanswered Question
Apr 27th, 2009

Hi, if we have Inside IP in PAT and Static NAT, which would be prioritize. In below mail,10.10.1.2 IP falls in both Overload and Static nat. When traffic going from this host to outside, it will applicable for Static NAT 64.1.1.2 or PAT IP 64.1.1.10 ??

Ip nat pool verizon 64.1.1.10 64.1.1.10 netmask 255.255.255.240

Ip nat inside source list 1 pool verizon overload

Access-list 1 permit 10.0.0.0 0.255.255.255

Ip nat inside source static 10.10.1.2 64.1.1.2

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
kplunkett512 Mon, 04/27/2009 - 20:16

the PAT list will be the priority. You would need to use an extended access list for the PAT access list if you wanted to have the 10.10.1.2 to be translated to 64.1.1.2. Like this:

ip nat pool verizon 64.1.1.10 64.1.1.10 netmask 255.255.255.240

Ip nat inside source list 100 pool verizon overload

access-list 100 remark *** DO NOT PAT STATIC NAT ADDRESSES ***

access-list 100 deny host 10.10.1.2 any

access-list 100 remark *** PAT ALL OTHER ADDRESSES ***

access-list 100 permit 10.0.0.0 0.255.255.255 any

Ip nat inside source static 10.10.1.2 64.1.1.2

Actions

This Discussion