Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

nat question

Hi all,

i've got this situation:

policy src nat from 1 specific IP to some other, it works, if i contact from 1.1.1.1 --> 2.2.2.2 port 23 i've translated src 1.1.1.1 to 3.3.3.3 and if i contact 1.1.1.1 --> 4.4.4.4 port 22 i've translated src 1.1.1.1 to 5.5.5.5.

But i need also comunication from 7.7.7.7 to my 1.1.1.1 port 23 and 8.8.8.8 to my 1.1.1.1 port 23 translation. I mean 7.7.7.7 contact my real 1.1.1.1 but pointing to address 9.9.9.9 and 8.8.8.8 contact my 1.1.1.1 but pointing to address 10.10.10.10.

so i need a kind of policy NAT from outside world destination point of view.

do you think is possible?

thk

dan

2 ACCEPTED SOLUTIONS

Accepted Solutions
Silver

Re: nat question

For the configuration nat for Outside-to-Inside Support Design follow the steps :

1. enable

2. configure terminal

3. ip nat pool name start-ip end-ip netmask netmask

4. ip nat pool name start-ip end-ip netmask netmask

5. ip nat inside source rout-map name pool name [reversible]

6. ip nat inside source rout-map name pool name [reversible]

Re: nat question

Dan,

If I understood your requirement correctly you should be able to get this to work by using route maps with static translations. It's a cool feature and I can see it working. Try this and let us know how you did.

ip nat inside source static 1.1.1.1 3.3.3.3 route-map test

ip nat inside source static 1.1.1.1 9.9.9.9 route-map test2

route-map test

match ip address 150

route-map test2

match ip address 160

access-list 150 permit tcp host 1.1.1.1 host 2.2.2.2 eq 23

access-list 160 permit tcp host 7.7.7.7 host 9.9.9.9 eq 23

HTH

Sundar

2 REPLIES
Silver

Re: nat question

For the configuration nat for Outside-to-Inside Support Design follow the steps :

1. enable

2. configure terminal

3. ip nat pool name start-ip end-ip netmask netmask

4. ip nat pool name start-ip end-ip netmask netmask

5. ip nat inside source rout-map name pool name [reversible]

6. ip nat inside source rout-map name pool name [reversible]

Re: nat question

Dan,

If I understood your requirement correctly you should be able to get this to work by using route maps with static translations. It's a cool feature and I can see it working. Try this and let us know how you did.

ip nat inside source static 1.1.1.1 3.3.3.3 route-map test

ip nat inside source static 1.1.1.1 9.9.9.9 route-map test2

route-map test

match ip address 150

route-map test2

match ip address 160

access-list 150 permit tcp host 1.1.1.1 host 2.2.2.2 eq 23

access-list 160 permit tcp host 7.7.7.7 host 9.9.9.9 eq 23

HTH

Sundar

94
Views
0
Helpful
2
Replies