Conditional NAT !

Oct 22nd, 2009

Hi all. I have a static port redirection example like the one below:


ip nat inside source static 10.1.1.1 172.16.1.1


But I want to use this translation only when a packet comes from a specific IP only. This translation shall only work when a packet that, let's say, comes from 10.1.52.1 destined to 172.16.1.1 should be translated to 10.1.1.1. All other packets sourced from other IPs shall not get translated!!


Please guide me in this.

Peter Paluch (Cisco Employee), Thu, 10/22/2009 - 23:56

Hello,


This requires using a NAT pool and a properly formatted ACL. Assume that you have a host 10.0.0.1 and you want it to be translated to 192.0.2.10 when it talks to, say, 158.193.138.40. All other flows from that or any other hosts shall be left untranslated.


The configuration would be as follows:


ip nat pool MyPool 192.0.2.10 192.0.2.10 netmask 255.255.255.0

access-list 100 permit ip host 10.0.0.1 host 158.193.138.40

ip nat inside source list 100 pool MyPool


As a terminology note, what you have configured now is not strictly a port redirection - it is only a simple 1:1 static NAT between two addresses. It would be a port redirection (or better - a port forwarding) if you had defined a particular port and transport protocol that should be NATted.


Best regards,

Peter
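
A small model of the decision this configuration makes, given here as an added example (it is not part of the reply above and is not Cisco code): it parses the three configuration lines and returns the source address a packet leaves with. It assumes packets travel from inside to outside, a single-address pool as configured, and only the `host A host B` ACL form; the translation table and interface roles are not modelled.

```python
import ipaddress
import re

# Configuration lines copied from the answer above.
CONFIG = """\
ip nat pool MyPool 192.0.2.10 192.0.2.10 netmask 255.255.255.0
access-list 100 permit ip host 10.0.0.1 host 158.193.138.40
ip nat inside source list 100 pool MyPool
"""

POOL = re.compile(r"ip nat pool (\S+) (\S+) (\S+) netmask \S+")
ACL = re.compile(r"access-list (\d+) (permit|deny) ip host (\S+) host (\S+)")
RULE = re.compile(r"ip nat inside source list (\d+) pool (\S+)")
ip = ipaddress.ip_address


def parse(config):
    """Return (acls, pools, rules) for the three line forms used above."""
    acls, pools, rules = {}, {}, []
    for line in (l.strip() for l in config.splitlines()):
        if m := POOL.fullmatch(line):
            pools[m[1]] = (ip(m[2]), ip(m[3]))
        elif m := ACL.fullmatch(line):
            acls.setdefault(m[1], []).append((m[2], ip(m[3]), ip(m[4])))
        elif m := RULE.fullmatch(line):
            rules.append((m[1], m[2]))
    return acls, pools, rules


def translate(config, src, dst):
    """Source address an inside-to-outside packet (src -> dst) leaves with."""
    acls, pools, rules = parse(config)
    src, dst = ip(src), ip(dst)
    for acl_id, pool_name in rules:
        for action, acl_src, acl_dst in acls.get(acl_id, []):
            if (src, dst) == (acl_src, acl_dst):  # first matching entry decides
                if action == "permit":
                    # Assumption: single-address pool, so use its first address.
                    return str(pools[pool_name][0])
                break
        # No entry matched: the ACL's implicit deny leaves the packet alone.
    return str(src)


if __name__ == "__main__":
    # Constructed flows: only the first matches access-list 100.
    for s, d in [("10.0.0.1", "158.193.138.40"), ("10.0.0.1", "158.193.138.41"),
                 ("10.0.0.2", "158.193.138.40")]:
        print(f"{s} -> {d}: source becomes {translate(CONFIG, s, d)}")
```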

