Dear Jon, thanks alot for feedback, i have attached the diagram. Now my requirement is

1) Packet from 10.1.9.0/24 will be destined to 192.168.1.10. It shouldnt be natted.

2) PAcket from 10.1.8.0/24 will be destined to 10.2.2.20, this packet will reach R2, R2 has 10.2.2.0/24 as directly connected but i have given host route towards R1. Now i want the destination 10.2.2.20 to be changed to 192.168.1.10 if packet is sourced from 10.1.8.0.

As you can see, i want to KINDA run both ip 10.2.2.20 and 192.168.1.10 in parallel . I have almost 50 branches with distinct networks like 10.1.11.0/24, 10.1.12.0/24 and so on, this migration is slow so i want to have such a policy that when packet is destined for 10.2.2.20 then 10.2.2.20 should be natted to 192.168.1.10.

I hope its clear pls guide me in this

Dear Sir, IT WORKED !!! but everything just went above my head, what just happened ?

See this is my confgiuration

access-list 111 per ip host 10.1.9.1 host 10.2.2.20

route-map test

mat ip add 111

ip nat inside source static 192.168.1.10 10.2.2.20 route-map test

Now, clients can access either IPs, which is exactly what i wanted but why ? i mean i just gave one entry that is when a packet is sourced from 10.1.9.1 then do the translation only, but in my case, all the clients are being natted !!! i.e. 10.1.8.1, 10.1.11.1 etc, why is this so ? i really dont see any significant role of access-list here but no doubt is working, i am totally confused.

Pls guide me

Could you make sure your configuration on R2 is something like this.

interfaces x

ip address 13.0.0.1

ip nat outside

interface y

ip address 11.0.0.2

ip nat inside

access-lists 111

permit ip host 192.168.1.10 host 10.1.9.1

Also have you thought about using other option(doing natting on R4)? It is more safer and simple way for your requirement.

Dear Sir, i cant actually do it on R4, because R4 is a client and i have like 100+ clients like this, so natting on all of them will be a lot of overhead. Right now i am doing as per you say but access-list doesnt seem to work, its allowing all the traffic destined to 10.2.2.20 to translate to 192.168.1.10, where as any traffic destined to 192.168.1.10 is going without natting. So i am totally confused as what is the purpose of this acl then ?

I tried emulating your scenario in lab environment and found expected result. When packets match communication identified by ACL, they were natted whereas remaining packets were unaffected. I verified this behavior using 'sh ip nat tr' command.

Please note that I was not able to emulate your scenario completely and not sure if any software glitch is affecting your setup. In any case one confirmed thing which you also noted that traffic destined to 10.2.2.20 is getting translated to 192.168.1.10, where as any traffic destined to 192.168.1.10 is unaffected. So basically you are getting response for both IPs while there is a compromise in your setup where you are losing your ability to translate packets based on their source addresses.

Please rate all helpful responses.

Dear Sir, i am using 3845 12.4(20)T. Sir no doubt my issue is resolved but i have just given only one ip in my access-list, so how come any ip that is hitting 10.2.2.20 is being translated to 192.168.1.10 ? its confusing all my concepts sir, kindly guide me in this

I dont see any logical reason behind this. Also my simulation of this issue in lab did not show up any such behavior. Could you try adding specific deny statement(above current permit statement) for particular host and test from that host to see if it appears in NAT table or not?