Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Conditional outside NAT??

i have a scenario like this:-

There are 3 companies A,B and C. The WAN connection is thru ISDN BRI links(1841 routers).Traffic from A has to travel to B and C. When traffic enters form A to B lan source ip of packets should appear as it is. But when traffic is headed for C the source ip address of packets from A have to be hidden. ie depending upon the destination the source ip's have to be as it is or hidden. Is this possible?. Is outside nat the solutoin. Pls help!!

Thanks and regards


Hall of Fame Super Blue

Re: Conditional outside NAT??

Hi Sonu

On router A you can use a route-map to NAT when traffic is going to C


Your router at Site A has an inside interface which connects to your internal network - fa0/0

& an external interface that is used to get to the remote site - fa0/1

Site A subnet is

Site C subnet is

access-list 101 permit ip

access-list 101 deny ip any any

route-map hide permit 10

match address 101

ip nat inside source route-map hide interface fa0/1 overload

On the inside interface fa0/0 -

ip nat inside

on the outside interface fa0/1

ip nat outside

What the above will do is if traffic from site A ( ) goes to site C ( ) it will get Natted to the IP address of the fa0/1 interface on your router.

If the subnet goes to any other place or any other traffic going from inside to outside on your router this will not get Natted.

Does this make sense ?


New Member

Re: Conditional outside NAT??



Routers for company A & C are not under my control.As such i have to implement this using B's (my company's) 1841 router using outside nat & route maps ie if it is possible.

A's src ip =

C's src ip as seen by A =

C's src ip as seen by B (my company) =

B's (my company) LAN ranges:- 10.10.9.X


ie has been NATed to

The requirement is:-

When traffic from A ( goes to (C) its source ip ie has to be changed to 10.50.12.X.(to appear as though it is sourced from our LAN)

But when traffic from A( goes to our LAN its source ip has to remain as such.(obvious)

I want to know if this is possible by configuring our 1841 router having IOS 12.3, without doing anything on other routers.The connection between the routers is by ISDN BRI.Please advice as to how this can be overcome !

Thanks & regards


CreatePlease to create content