Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

paa
New Member

Cisco NAT like proxy

Hi!

I have a task to configure IOS NAT like proxy-server:

Local net Cisco ISR

[10.0.0.1/24]----[[10.0.0.1]-[20.0.0.1]]----[Internet-30.0.0.1]

Every packet from local network 10.0.0.1/24 to cisco's inside interface 10.0.0.1 port 445 should be redirected to Internet address 30.0.0.1 with source address 20.0.0.1 (cisco's outside interface). How can I do that?

I try this:

ip nat ip nat outside source static tcp 30.0.0.1 445 10.0.0.1 445

ip nat inside source list TO-INET interface GigabitEthernet0/0 overload

ip access ext TO-INET

perm tcp host 10.0.0.1 host 30.0.0.1

It doesn't work.

1 ACCEPTED SOLUTION

Accepted Solutions
Gold

Re: Cisco NAT like proxy

Your nat is correct except that nat only occurs as the traffic passes from a inside to outside interface... at least in your case.

Since the traffic is sent to the routers ip itself it does not even leve the inside interface.

You should be able to policy route the traffic to the outside interface to cause the nat to occur. You will want to set the nexthop to be the router of your ISP.

6 REPLIES

Re: Cisco NAT like proxy

Which platform are you using, what version of IOS are you running?

Gold

Re: Cisco NAT like proxy

Your nat is correct except that nat only occurs as the traffic passes from a inside to outside interface... at least in your case.

Since the traffic is sent to the routers ip itself it does not even leve the inside interface.

You should be able to policy route the traffic to the outside interface to cause the nat to occur. You will want to set the nexthop to be the router of your ISP.

paa
New Member

Re: Cisco NAT like proxy

Thanks for you reply. I find order in witch NAT works with ip-packets - it is a great technical confiramtion of your words.

New Member

Re: Cisco NAT like proxy

#ip nat ip nat outside source static tcp 30.0.0.1 445 10.0.0.1 445

#ip nat inside source list TO-INET interface GigabitEthernet0/0 overload

#access-list ext

#access-list permit tcp host 10.0.0.1 host 30.0.0.1

New Member

Re: Cisco NAT like proxy

Try with the commands what i have replied ,if it does not work.please feel free to come back with the query.

paa
New Member

Re: Cisco NAT like proxy

You are right, if traffic will be addressed to some host in outside network. In may case, traffic addressed to cisco's inside interface.

145
Views
0
Helpful
6
Replies