Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3980
Views
5
Helpful
1
Replies

Conditional destination NAT routing configuration

mcarnahan
Level 1
Level 1

‎12-14-2009 08:09 PM - edited ‎03-06-2019 08:57 AM

I have two offices with their own internet access and are inter-connected by point-to-point T1s.  I am trying to set up an alternate or redundant path from the internet.  There are a bunch of other factors, but here’s what I am trying to accomplish:

Traffic comes in from the internet and the firewall translates the destination:

Source => Destination 

  Any   =>  X.X.4.115

                       ||

   Any   =>  172.20.1.1

Then the traffic hits a router for the T1 and translates the traffics source address to the address on the serial interface on the router:

     Source   =>   Destination 

      Any       =>  172.20.1.1

         ||

10.0.27.129 => 172.20.1.1

Next the traffic hits another router and this is where I need help.  I need to translate the traffic's destination as demonstrated below but only when the traffic is coming from 10.0.27.129.

  Source        =>   Destination   

10.0.27.129 => 172.20.1.1

                                ||

10.0.27.129 => 10.0.0.4


I have all the routes set up to make this happen and the reason for all the NATs is due to the firewalls being configured for VPN failover, so they are aware of the different networks and will send the traffice through the VPN, but then the return traffic will go out the other office's firewall and then would be rejected by the stateful table.  So what I really need to figure out is how to NAT just the destination IP when the traffic is coming from 10.0.27.129 and going to 172.20.1.1.

Obviously I know how to change the source IP address based on conditions, but I can't figure out how to do the destination address with conditions.  Any help would be appreciated.  Let me know if you have any questions.

Labels:
0 Helpful
1 Reply 1

Marwan ALshawi
VIP Alumni
VIP Alumni

‎12-26-2009 11:00 PM

i will assume you have al the nating in the first router and second router working except the third one where you want to do nating only if the source and distention the following:

10.0.27.129 => 172.20.1.1

just do the following steps

access-list 100 permit ip host 10.0.27.129 host 172.20.1.1

ip nat pool pool1 10.0.0.4 10.0.0.4 prefix-length 24  .. i assuming this subnet is 24 ( use the correct one )

route-map NAT1

match ip address 100

ip nat inside source route-map NAT1 pool pool1 overload

only make sure that you have the ip nat inside under the interface where the traffic will come in and the exit interface configure it with ip nat outside

good luck

if helpful Rate

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card