Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT question

Hi,

Behind C2801 router we have a mail server (172.20.17.35) which is avialabe to the outside world and there was a NAT config as below.

ip nat inside source static tcp 172.20.17.35 25 X.X.X.X 25 extendable

We allow HTTPS acceess to the same server and configured another NAT using the same NATTED IP address ( X.X.X,X), it did not establish the connection while it built NAT in the table.

ip nat inside source static tcp 172.20.17.35 443 X.X.X.X 443 extendable

Then, we tried another NATTED Ip address (X.X.X.Y), then it worked.

ip nat inside source static tcp 172.20.17.35 443 X.X.X.Y 443 extendable

Why can't we use the same NATTED IP addresses while it is only a port translation?

2 REPLIES
Bronze

Re: NAT question

Hi,

Static PAT is the same as static NAT, except it lets you specify the protocol (TCP or UDP) and port for the local and global addresses.

This feature lets you identify the same global address across many different static statements, so long as the port is different for each statement (you CANNOT use the same global address for multiple static NAT statements).

For example, if you want to provide a single address for global users to access FTP, HTTP, and SMTP, but these are all actually different servers on the local network, you can specify static PAT statements for each server that uses the same global IP address, but different ports

Regards

Bjornarsb

Bronze

Re: NAT question

.....And for PAT you cannot use the same local or global address in multiple static statements between the same two interfaces.

188
Views
0
Helpful
2
Replies
CreatePlease login to create content