Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
968
Views
0
Helpful
6
Replies

Single static IP nat to a Subnet

huytuan
Level 1
Level 1

‎09-15-2003 05:38 PM - edited ‎03-02-2019 10:21 AM

If I have a single external static ip address of 219.21.23.1 . Is it possible for me to NAT this single static ip address to an internal subnet of 192.168.100.0 255.255.255.252. Is this possible? Thanks.

ip nat inside source static 192.168.100.0 255.255.255.252 219.21.23.1

Labels:
0 Helpful
6 Replies 6

liviu.gheorghe
Spotlight
Spotlight

‎09-15-2003 09:56 PM

Static NAT implies that you associate one external IP address with only one internal IP address.

To statically NAT subnet 192.168.100.0/30 - 4 host subnet, from whic only two are IP addresset that can be assigned to hosts, you need 2 public IP addresses.

If you don't have two public IP addresses, then you can configure dynamic NAT with the overload facility. With this facilitu you can NAt two or more private IP addresses into one public IP address.

The commands to implement this feature in the router:

ip nat inside source list 10 pool NET1 overload

ip nat pool NET1 219.21.23.1 219.21.23.1 prefix-length 24

access-list 10 permit 192.168.100.0 0.0.0.3

Regards, LG
*** Please Rate All Helpful Responses ***
0 Helpful

huytuan
Level 1
Level 1
In response to liviu.gheorghe

‎09-15-2003 10:45 PM

Thanks Liviu, what if I just want the external static ip address 219.21.23.1 to be NAT to just two internal ip address 192.168.100.9 and 192.168.100.10 . Is it possible and what is the code?

0 Helpful

liviu.gheorghe
Spotlight
Spotlight
In response to huytuan

‎09-15-2003 10:58 PM

Static NAT is possible between 219.21.23.1 and only one internal address. The code for this is:

ip nat inside source static 192.168.100.9 219.21.23.1

Cheeers

Regards, LG
*** Please Rate All Helpful Responses ***
0 Helpful

jamey
Level 4
Level 4
In response to huytuan

‎09-16-2003 05:56 AM

If you only have one legal IP and your goal is to NAT the whole subnet, but you have some servers (like www or smtp) on the private network, you could use PAT and extendable NAT to do port mappings to the internal www or smtp servers:

http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a0080093e51.shtml

0 Helpful

huytuan
Level 1
Level 1
In response to jamey

‎09-16-2003 10:20 PM

Thanks Jamey,

Does this mean with PAT I can do this:

ip nat inside source list 10 interface Ethernet 1 overload

ip nat inside source static tcp 192.168.100.5 80 219.21.23.1 80 extendable

ip nat inside source static tcp 192.168.100.6 80 219.21.23.1 80 extendable

ip nat inside source static tcp 192.168.100.8 1352 219.21.23.1 1352 extendable

ip nat inside source static tcp 192.168.100.12 1352 219.21.23.1 1352 extendable

ip nat inside source static tcp 192.168.100.13 smtp 219.21.23.1 smtp extendable

ip nat inside source static tcp 192.168.100.14 smtp 219.21.23.1 smtp extendable

ip nat inside source static tcp 192.168.100.26 telnet 219.21.23.1 telnet extendable

access-list 10 permit 192.168.100.0 0.0.0.255

This is really what I want to do. Two Lotus notes servers, 2 smtp servers, telnet, 2 web servers mapped to the same External Ip address 219.21.23.1. I really need this functionality for clustering servers.

0 Helpful

jamey
Level 4
Level 4
In response to huytuan

‎09-17-2003 06:59 AM

You're going to need more legal IPs. The server will not know if say an smtp request comes in to 219.21.23.1 tcp port 25 which internal server to send it to 192.168.100.13 or 192.168.100.14.

Idealy you would have one legal IP for each internal server and one legal IP for use with PAT for the regular PC clients.

I'd try to get more legal IPs from your ISP.

0 Helpful
Customers Also Viewed These Support Documents