?
Solved

Add a route-map to an "ip nat inside source static" statement

Posted on 2007-10-12
4
Medium Priority
?
4,453 Views
Last Modified: 2012-05-05
I are trying to add a route-map statement to a nat statement.  We have a Cisco 2811 firewall/router.  I initiall added the "ip nat inside source static statement using the GUI SDM configuration tool.  When it was loaded it didn't show the route-map statement (see example below of one with the map and the one I added without the map) or allow me to add or edit it to include the statement.  So I tried to telenet into the router and can't see how to do this.  I am a novice doing this.  Please be very specific in responding and please don't assume I have any specific knowlege.  
See example is below:
ip nat inside source static 192.168.100.15 2xx.xxx.xxx.69 route-map nonat-static
ip nat inside source static 192.168.100.13 2xx.xxx.xxx.70
 
0
Comment
Question by:sfletcher1959
4 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 20067513
What is that you want this route-map to do ? In other words what are you trying to achieve?

Cheers,
Rajesh
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 1500 total points
ID: 20067632
Your syntax is off a little bit.
Here's what it should look like:

access-list 101 deny ip host 192.168.100.13 any
access-list 101 deny ip host 192.168.100.15 any
access-list 101 permit ip 192.168.100.0 0.0.0.255 any

route-map nonat-static permit 10
 match address 101
ip nat inside source route-map nonat-static 2xx.xxx.xx.69 overload
ip nat inside source static 192.168.100.13 2xx.xxx.xxx.70
ip nat inside source static 192.168.100.15 2xx.xxx.xxx.71
0
 

Author Comment

by:sfletcher1959
ID: 20067894
The syntax of course depends on the IOS version.  The statement I have included was cut directly from our existing configuration.  In that configuration the IP address that ends in .69, works perfectly.  I appreciate the responses, but was able to modify the statement to add the route-map as indicated above and it is now working.  Thanks for taking the time to try and help me.
0
 
LVL 1

Expert Comment

by:techium
ID: 20603666
sfletcher,

Can I ask if you can share what you did to make this work?  I am having similar issues with our router where I have to publish our MS Exchange server to one of our Public IPs.  But using a standard 1-to-1 Static NAT command does not allow my dynamic VPN (road warrior) clients to utilize the Exchange server when they VPN-in using their Cisco VPN client.  My LAN is a 192.168.0.X network and I give my Dynamic VPN clients a 172.16.0.X IP.  The Dynamic VPN users use the same router as their VPN endpoint as well.  Thanks.

Rerwin
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Considering cloud tradeoffs and determining the right mix for your organization.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question