Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT to conceal outside global IP

Hey Pros,

I have 2 networks with a router between them.

Network A --router-- Network B

Network A= inside

Network B= outside

I want it so that when Network B sends traffic destined through the router, Network A does not see the true IP of the host who actually sent the traffic, but sees an IP address from the router. Is this possible? I can do this easily with Linux using ip masquerade (ipmasq). Thanks pros!


Re: NAT to conceal outside global IP

Here's an example:

Network B

int fa0/0

desc WAN

ip address

ip nat outside

int fa0/1

desc LAN

ip address

ip nat inside

ip nat inside source list 1 interface fa0/0 overload

access-list 1 permit

Anyone coming from lan side will look like they're coming from



HTH, John *** Please rate all useful posts ***
New Member

Re: NAT to conceal outside global IP

*Bingo!* worked perfectly. I guess the idea was swapping the concept of what was inside and what was outside. Many thanks j.blakley.

New Member

Re: NAT to conceal outside global IP

I'm trying to take this one step further. From you example, how would I make a static NAT entry where people connecting from f0/1 could be statically NATted to a host on f0/0?

For example, I want users to connect to a new IP address, TCP port 80. Traffic gets NATted and sent to port 8080.

I've tried:

ip nat inside source static tcp 8080 80

But this doesn't seem to work. Thanks!