I have typically used address translation to translate from an outside global address to a private internal address, but I believe this may work:
ip nat outside source static
- Available beginning with IOS v.11.2
As I said, I have never used this command to translate from one global address to another. But, if this works you can use an access list to filter traffic for a specific port. I don't know if there is a way to translate an address only for a specific tcp port, but you can do port translation.
Then you can apply an inbound access list on the outside interface to allow only port 53 for that specific host:
access-list 101 deny tcp any host neq 53
access-list 101 permit ip any any
- Make sure these commands are in this order
Or, if you prefer, use no access list at all and allow all IP traffic to pass.
Hope this helps,
Dan