Solved: Re: nat question

danilodicesare · ‎05-01-2008

Hi all,

i've got this situation:

policy src nat from 1 specific IP to some other, it works, if i contact from 1.1.1.1 --> 2.2.2.2 port 23 i've translated src 1.1.1.1 to 3.3.3.3 and if i contact 1.1.1.1 --> 4.4.4.4 port 22 i've translated src 1.1.1.1 to 5.5.5.5.

But i need also comunication from 7.7.7.7 to my 1.1.1.1 port 23 and 8.8.8.8 to my 1.1.1.1 port 23 translation. I mean 7.7.7.7 contact my real 1.1.1.1 but pointing to address 9.9.9.9 and 8.8.8.8 contact my 1.1.1.1 but pointing to address 10.10.10.10.

so i need a kind of policy NAT from outside world destination point of view.

do you think is possible?

thk

dan

amritpatek · ‎05-07-2008

For the configuration nat for Outside-to-Inside Support Design follow the steps :

1. enable

2. configure terminal

3. ip nat pool name start-ip end-ip netmask netmask

4. ip nat pool name start-ip end-ip netmask netmask

5. ip nat inside source rout-map name pool name [reversible]

6. ip nat inside source rout-map name pool name [reversible]

View solution in original post

sundar.palaniappan · ‎05-07-2008

Dan,

If I understood your requirement correctly you should be able to get this to work by using route maps with static translations. It's a cool feature and I can see it working. Try this and let us know how you did.

ip nat inside source static 1.1.1.1 3.3.3.3 route-map test

ip nat inside source static 1.1.1.1 9.9.9.9 route-map test2

route-map test

match ip address 150

route-map test2

match ip address 160

access-list 150 permit tcp host 1.1.1.1 host 2.2.2.2 eq 23

access-list 160 permit tcp host 7.7.7.7 host 9.9.9.9 eq 23

HTH

Sundar