Cisco Support Community
Community Member

nat inside source static AND/OR inside source overload?

On an 837 IOS 12.4 I want to nat the inside source depending on the destination.

Destination 1

Internet with normal PAT overload (also with static ports for incoming smtp and web)

So far so good.

Destination 2

IPsec tunnel. Devices on the remote end of the IPsec tunnel need to also initiate connections in to the local devices.

I can get Destination 2 working with a nat inside source route-map and nat pool but of course as it's a dynamic translation the remote tunnel devices can't initiate connections in. So I need a static nat for Destination 2?

A network static for tunnelled traffic does the trick in both directions nicely. But it NATs the inside sources for ALL destinations... not so nice.

I think I need a feature like a network static but with route-map selection for fine-grained control. Does such a feature exist?

I can't see a solution for this. Can someone prove me wrong please?!

TIA

3 REPLIES
Silver

Re: nat inside source static AND/OR inside source overload?

Actually such a feature does exist and there is a solution for this.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087bac.html

I have actually done something quite similar for one of my clients. It did require some tweaks but worked out quite well.

Community Member

Re: nat inside source static AND/OR inside source overload?

Yes, I had already seen this feature; it is for individual static translations. The problem is I need to translate a subnet so would need this as a NETWORK static. The document specifically states...

"Network static support is not included in this feature."

Thank you for your response.

Silver

Re: nat inside source static AND/OR inside source overload?

I had overlooked the network static requirement.
