The traffic is initiated from One IP (eg. 192.168.1.1) to two different destinations (eg. 172.21.1.1 and 172.16.1.1)
The source needs to be translated to two different IPs based the destination it tries to access. eg. if source 192.168.1.1 tries to access 172.21.1.1 it will be translated to 10.21.1.1, if source 192.168.1.1 tries to access 172.16.1.1 it will be translated to 10.16.1.1.
The source 192.168.1.1 is at outside interface. The traffic is from outside to inside.
The problem I am having is that when first request from 192.168.1.1 to any of the destination, it gets translated, but when the second request to different destination, it never match the access list, and it just match the current NAT table entry and translate.
I know this is similiar to Multiple ISP senerio except for my case the traffice is from outside to inside.
I don't think what you are trying to achieve is possible. Atleast not from outside to inside.
If the Inside and outside zones were to be reversed then yes, you can configure NAT to check the destination and then change the source of the packet.
In your scenario:
- "ip nat outside source static" will not work as it will always check the source of the packet and will execute the first NAT command it hits, so the second entry will never be used. I am even doubtful that it will let you configure a second static NAT entry with the same Global outside ip
- "ip nat outside source list" command will not work because again in the ACL you will be matching 192.168.1.1, and that too only Standard ACL is accepted, so there won't be any checks for the destination ip. And as per my experience, if we use route-map here and an extended ACL, then the destination is not checked
If anyone else have a workaround for this, I should be interesting to know about it
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...