Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2823
Views
0
Helpful
2
Replies

Multiple wan interfaces with static nat translations

Go to solution
bkran
Level 1
Level 1

‎03-25-2010 12:32 AM - edited ‎03-04-2019 07:55 AM

Hello everyone,

I am currently considering the way to accomplish the following. We have a cisco 2811 with 3 wan interfaces ( ADSL with different ISPs ) for load balancing - failover. My problem is how to accomplish static nat to multiple hosts on the lan interface. Seems to me that the way to do this is by either using multiple IPs on the host machines or by using route-maps and block the unneeded ports with access lists. Multiple IPs on host machines is not supported for the particular host operating system ( causes problems ) and from what I see with the use of route-maps I can actually nat one host to each public IP where I want to nat to two hosts ..... Is the only to achieve this with the use of another router between the LAN and 2811? This project is not actually working at the moment so I cant provide some configuration at the time, I am just wandering if this is possible with some other way....

Thanks in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Neeraj Arora
Level 3
Level 3

‎03-31-2010 09:12 PM

Hey Bill,

Correct me if I am wrong, you want to forward traffic to a single host using multiple Public ip's? Or is it that you want to forward traffic coming on multiple ports to this single host?

** If its the first option, then thats not possible i.e you cannot use the same private inside ip with multiple public ip without a route-map. That too will only work in a Failover scenario, not when the traffic is being Load Balanced while going out.

Eg:

route-map isp1 permit 10
match interface FastEthernet0

route-map isp2 permit 10
match interface FastEthernet1

ip nat inside source static 192.168.1.10 207.127.77.33 route-map isp1

ip nat inside source static 192.168.1.10 199.199.77.33 route-map isp2

** If you are looking for forward different ports to the same inside host, then thats possible through port redirection:

ip nat inside source static tcp 192.168.1.10 3389 207.127.77.33 3389

ip nat inside source static tcp 192.168.1.10 80 207.127.77.33 80

In this situation also, the same rule will apply that load balancing of outgoing traffic will cause issues in NAT's proper working.

Hope it helps.

Neeraj

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Neeraj Arora
Level 3
Level 3

‎03-31-2010 09:12 PM

Hey Bill,

Correct me if I am wrong, you want to forward traffic to a single host using multiple Public ip's? Or is it that you want to forward traffic coming on multiple ports to this single host?

** If its the first option, then thats not possible i.e you cannot use the same private inside ip with multiple public ip without a route-map. That too will only work in a Failover scenario, not when the traffic is being Load Balanced while going out.

Eg:

route-map isp1 permit 10
match interface FastEthernet0

route-map isp2 permit 10
match interface FastEthernet1

ip nat inside source static 192.168.1.10 207.127.77.33 route-map isp1

ip nat inside source static 192.168.1.10 199.199.77.33 route-map isp2

** If you are looking for forward different ports to the same inside host, then thats possible through port redirection:

ip nat inside source static tcp 192.168.1.10 3389 207.127.77.33 3389

ip nat inside source static tcp 192.168.1.10 80 207.127.77.33 80

In this situation also, the same rule will apply that load balancing of outgoing traffic will cause issues in NAT's proper working.

Hope it helps.

Neeraj

0 Helpful

Go to solution
bkran
Level 1
Level 1
In response to Neeraj Arora

‎03-31-2010 11:20 PM

Hey Neeraj,

Your answer is correct, I wasn't sure I could use nat with route-maps this way.....

Thank you for your time

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card