Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

Router 12.4: Inside -> Outside Source NAT with specific Traffic target

Hello!

I have a problem.

I want to Source Nat Traffic going from one internal Host to one Specific External Host (remote system) to a specific IP on an outside Interface.

Any Idea?

Thanks!

E.g

(Traffic from Internal Host 10.1.1.1 Port 25 sent to 8.8.8.8 should get the External IP 3.3.3.3)

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Router 12.4: Inside -> Outside Source NAT with specific Traf

Hi

Traffic from Internal Host 10.1.1.1 Port 25 sent to 8.8.8.8 should get the External IP 3.3.3.3

Try this-

ip nat inside source static 10.1.1.1 3.3.3.3 route-map test

route-map test permit 10

match ip address 101

"Not sure if by port 25 you mean source or destination port (assuming the protocol as TCP)"

"for source port 25"

access-list 101 permit tcp host 10.1.1.1 eq 25 host 8.8.8.8

"for destination port 25 "

access-list 101 permit tcp host 10.1.1.1 host 8.8.8.8 eq 25

HTH

Regards

5 REPLIES
Bronze

Re: Router 12.4: Inside -> Outside Source NAT with specific Traf

Hi

Traffic from Internal Host 10.1.1.1 Port 25 sent to 8.8.8.8 should get the External IP 3.3.3.3

Try this-

ip nat inside source static 10.1.1.1 3.3.3.3 route-map test

route-map test permit 10

match ip address 101

"Not sure if by port 25 you mean source or destination port (assuming the protocol as TCP)"

"for source port 25"

access-list 101 permit tcp host 10.1.1.1 eq 25 host 8.8.8.8

"for destination port 25 "

access-list 101 permit tcp host 10.1.1.1 host 8.8.8.8 eq 25

HTH

Regards

Re: Router 12.4: Inside -> Outside Source NAT with specific Traf

also you can use this config

ip nat pool pool1 3.3.3.3 3.3.3.3 prefix-length 24 ---- you need to put the requred prefix length (subnet)
ip nat inside source route-map map1 pool pool1
!
access-list 100 permit tcp host 10.1.1.1 host 8.8.8.8 eq smtp
!
route-map map1 permit 10
match ip address 100

good luck

if helpful Rate

New Member

Re: Router 12.4: Inside -> Outside Source NAT with specific Traf

Thanks Guys.

I made it without a route map... only with the access list defining..

ip nat inside source list 120 pool POOL_EXT overload

will this work also? i cannot test it (yet)

Re: Router 12.4: Inside -> Outside Source NAT with specific Traf

supposed to work

but sometimes with ACL dos not work .. why i do not know

if you got any problem just change it to oneof the ways mentioned above with route-map

good luck

if helpful Rate

Bronze

Re: Router 12.4: Inside -> Outside Source NAT with specific Traf

Interestingly yes, sometimes acl doesnt work and whenever I faced NAT+ACL situation, I used to get very frustrated (not because I was not aware that I can use route-map but why ACL solution not working was the problem).

Today I got bit of hope as i read one of technology blog  (not tested or verified with Cisco documentation)

It says "route-maps can match against extended access lists, whereas "ip nat inside source list" supports standard access lists only"

If this is true, NAT+route-map is the only solution here

HTH

Regards

1908
Views
0
Helpful
5
Replies
CreatePlease to create content