I need to add a route-map to a static NAT but the option seems to be available only if using inside/outside NAT, not if using enable NAT.
This is a CISCO1921/K9 running 15.2(4)M6
Here's what I mean:
R2(config)#ip nat inside source static 192.168.3.20 10.10.10.20 ? --> allows the route-map option to be appended extendable Extend this translation when used mapping-id Associate a mapping id to this mapping no-alias Do not create an alias for the global address no-payload No translation of embedded address/port in the payload redundancy NAT redundancy operation route-map Specify route-map vrf Specify vrf <cr>
R2(config)#ip nat source static 192.168.3.20 10.10.10.20 ? --> no route-map option extendable Extend this translation when used no-alias Do not create an alias for the global address no-payload No translation of embedded address/port in the payload vrf Specify vrf <cr>
What I need is multiple dynamic and static NAT rules between multiple interfaces, so I need a way to assign multiple static NAT depending on the destination.
For example, if server 192.168.3.0 wants to go to VLAN A, get statically translated to IP 1.
If the same server 192.168.3.0 wants to go to VLAN B, get statically translated to IP 2.
AS far as I know I need a route-map attached to the static NAT statements to make this happen, but the option is not available as shown above. And I don't want to use normal inside/outside NAT since I need the interfaces to allow NAT in both directions.
If anybody can share some light will be very appreciated!
II am on the understandinmg that in domain nased nat ( inside/outside) route-maps allows nat to read scr & dst in the acl before translation, and when just defining an acl, Nat only reads the scr address before nat translation. plus its nat order of operation is different for inside and outside
inside- route-lookup then nat translation outside - nat translation then route-lookup
However domain-less nat ( ip nat enable) performs the same order of operation in either direction so with this in mind have you tried just using a exteneded acl with the domain-less nat?
Please don't forget to rate any posts that have been helpful.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...