I have this configuration on one of my router.
#ip nat inside source static 10.151.16.47 18.104.22.168 route-map ABC reversible
route-map ABC, permit, sequence 10
ip address (access-lists): 102
Policy routing matches: 0 packets, 0 byte
#sh access-lists 102
Extended IP access list 102
10 permit ip host 10.151.16.47 10.10.125.0 0.0.0.255 (140 matches)
20 permit ip host 10.151.16.47 10.10.126.0 0.0.0.255 (4 matches)
30 permit ip host 10.151.16.47 10.10.130.0 0.0.0.255 (11 matches)
40 permit ip host 10.151.16.47 10.10.131.0 0.0.0.255 (3 matches)
Network topology is (10.151.16.47 subnet, IP NAT Inside) gi 0/1 --> R 3825 ---> gi 0/0 (IP NAT Outside, 10.10.125/126/130/131.0 Subnet)
This is a reverse nat, meaning Destination NAT but i am unable to understand how its work. when some one from 10.10.125.0 access 10.151.16.47.
Could any body explain plz. Thanks.
It depends which direction the traffic is going, inside to outside, or outside to inside. Here is a document that covers both:
Yh, that make sense. 2 more Qs,
1- Is the above configuration ok? You see any issue in it ?
2- So as u said, in case of destination NAT, the ACL, IP NAT INSIDE SOURCE STATIC.... commands will be read in reverse direction. right ?
1) Looks okay but then again depends on what you are trying to achieve. Difficult to say.
2) All NATs are source AND destination, it just depends on which direction the traffic is flowing. So yes i guess you could say you can read your statement in reverse order to understand the destination side of it.