Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT to conceal outside global IP

Hey Pros,

I have 2 networks with a router between them.

Network A --router-- Network B

Network A= inside

Network B= outside

I want it so that when Network B sends traffic destined through the router, Network A does not see the true IP of the host who actually sent the traffic, but sees an IP address from the router. Is this possible? I can do this easily with Linux using ip masquerade (ipmasq). Thanks pros!

3 REPLIES

Re: NAT to conceal outside global IP

Here's an example:

Network B

int fa0/0

desc WAN

ip address 192.168.1.1 255.255.255.0

ip nat outside

int fa0/1

desc LAN

ip address 10.50.50.1 255.255.255.0

ip nat inside

ip nat inside source list 1 interface fa0/0 overload

access-list 1 permit 10.50.50.0

Anyone coming from 10.50.50.0/24 lan side will look like they're coming from 192.168.1.1.

HTH,

John

HTH, John *** Please rate all useful posts ***
New Member

Re: NAT to conceal outside global IP

*Bingo!* worked perfectly. I guess the idea was swapping the concept of what was inside and what was outside. Many thanks j.blakley.

New Member

Re: NAT to conceal outside global IP

I'm trying to take this one step further. From you example, how would I make a static NAT entry where people connecting from f0/1 could be statically NATted to a host on f0/0?

For example, I want users to connect to a new IP address, 10.50.50.2 TCP port 80. Traffic gets NATted and sent to 192.168.1.2 port 8080.

I've tried:

ip nat inside source static tcp 192.168.1.2 8080 10.50.50.2 80

But this doesn't seem to work. Thanks!

99
Views
5
Helpful
3
Replies