Solved

policy based NAT on router

Posted on 2011-09-12
4
323 Views
Last Modified: 2012-06-21
Hello Experts,

It has been a long time since I have done NATing on an IOS router 2600 series with 12.x code.

Assume that f0/1 is IP NAT inside and f0/0 is IP NAT outside.

There is a VPN tunnel with 20.20.20.20 from the outside connecting to my 10.10.10.10 on inside.

When 20.20.20.20 from outside hits my 2800 router to access destination 10.10.10.10, I want it to translate to a source of 15.15.15.15.

It's a piece of cake to do it on an ASA.

0
Comment
Question by:trojan81
  • 2
4 Comments
 

Author Comment

by:trojan81
ID: 36526265
anyone?
0
 
LVL 18

Assisted Solution

by:jmeggers
jmeggers earned 100 total points
ID: 36526978
0
 
LVL 6

Accepted Solution

by:
Sanjeevloke earned 400 total points
ID: 36528489
interface FastEthernet0/1
 ip address 10.10.10.1 255.255.255.0
 ip nat inside

interface F0/1
 ip address 100.100.100.1 255.255.255.0
 ip nat outside

ip nat outside source static 20.20.20.20 15.15.15.15


Debug O/P
00:29:21: IP: s=15.15.15.15 (FastEthernet0), d=10.10.10.10 (FastEthernet0), len 100, rcvd 3
00:29:21: IP: s=10.10.10.10 (local), d=15.15.15.15 (FastEthernet0), len 100, sending
00:29:22: IP: s=15.15.15.15 (FastEthernet0), d=10.10.10.10 (FastEthernet0), len 100, rcvd 3
00:29:22: IP: s=10.10.10.10 (local), d=15.15.15.15 (FastEthernet0), len 100, sending

R1# sh ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- ---                ---                              15.15.15.15        20.20.20.20
--- 10.10.10.10        10.10.10.10        15.15.15.15        20.20.20.20

0
 

Author Comment

by:trojan81
ID: 36531540
thank you sanjeevloke,

What if instead of source NATing to 15.15.15.15, I want it to PAT out of the egress interface which is 10.10.10.1.

Would you be able to provide me a sample syntax? Must appreciated!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Access point 6 62
Vlan to Vlan communication 9 81
Turn off SIP ALG - Cisco ASA 5505 1 33
Routing 2 local networks together 8 72
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now