Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Multiple wan interfaces with static nat translations

Hello everyone,

I am currently considering the way to accomplish the following. We have a cisco 2811 with 3 wan interfaces ( ADSL with different ISPs ) for load balancing - failover. My problem is how to accomplish static nat to multiple hosts on the lan interface. Seems to me that the way to do this is by either using multiple IPs on the host machines or by using route-maps and block the unneeded ports with access lists. Multiple IPs on host machines is not supported for the particular host operating system ( causes problems ) and from what I see with the use of route-maps I can actually nat one host to each public IP where I want to nat to two hosts ..... Is the only to achieve this with the use of another router between the LAN and 2811? This project is not actually working at the moment so I cant provide some configuration at the time, I am just wandering if this is possible with some other way....

Thanks in advance

  • WAN Routing and Switching
1 ACCEPTED SOLUTION

Accepted Solutions

Re: Multiple wan interfaces with static nat translations

Hey Bill,

Correct me if I am wrong, you want to forward traffic to a single host using multiple Public ip's? Or is it that you want to forward traffic coming on multiple ports to this single host?

** If its the first option, then thats not possible i.e you cannot use the same private inside ip with multiple public ip without a route-map. That too will only work in a Failover scenario, not when the traffic is being Load Balanced while going out.

Eg:

route-map isp1 permit 10
match interface FastEthernet0

route-map isp2 permit 10
match interface FastEthernet1

ip nat inside source static 192.168.1.10 207.127.77.33 route-map isp1

ip nat inside source static 192.168.1.10 199.199.77.33 route-map isp2

** If you are looking for forward different ports to the same inside host, then thats possible through port redirection:

ip nat inside source static tcp 192.168.1.10 3389 207.127.77.33 3389

ip nat inside source static tcp 192.168.1.10 80 207.127.77.33 80

In this situation also, the same rule will apply that load balancing of outgoing traffic will cause issues in NAT's proper working.

Hope it helps.

Neeraj

2 REPLIES

Re: Multiple wan interfaces with static nat translations

Hey Bill,

Correct me if I am wrong, you want to forward traffic to a single host using multiple Public ip's? Or is it that you want to forward traffic coming on multiple ports to this single host?

** If its the first option, then thats not possible i.e you cannot use the same private inside ip with multiple public ip without a route-map. That too will only work in a Failover scenario, not when the traffic is being Load Balanced while going out.

Eg:

route-map isp1 permit 10
match interface FastEthernet0

route-map isp2 permit 10
match interface FastEthernet1

ip nat inside source static 192.168.1.10 207.127.77.33 route-map isp1

ip nat inside source static 192.168.1.10 199.199.77.33 route-map isp2

** If you are looking for forward different ports to the same inside host, then thats possible through port redirection:

ip nat inside source static tcp 192.168.1.10 3389 207.127.77.33 3389

ip nat inside source static tcp 192.168.1.10 80 207.127.77.33 80

In this situation also, the same rule will apply that load balancing of outgoing traffic will cause issues in NAT's proper working.

Hope it helps.

Neeraj

New Member

Re: Multiple wan interfaces with static nat translations

Hey Neeraj,

Your answer is correct, I wasn't sure I could use nat with route-maps this way.....

Thank you for your time

1740
Views
0
Helpful
2
Replies
This widget could not be displayed.