只有一个出口,只是不同的业务想nat成不同的地址,想针对源,目标,进行nat。
这个需求是可以实现的,基于ACL或是基于ROUTE-MAP都可以;
配置参考:
ip nat pool POOL-A 111.222.0.10 111.222.0.10 netmask 255.255.255.0
ip nat pool POOL-B 111.222.0.20 111.222.0.20 netmask 255.255.255.0
ip access-list extended LAN-1
permit ip host 172.16.0.1 any
ip access-list extended LAN-2
permit ip host 172.16.0.2 any
ip nat inside source list LAN-1 pool POOL-A overload
ip nat inside source list LAN-2 pool POOL-B overload
可通过show ip nat translations 命令查看效果:
Pro Inside global Inside local Outside local Outside global
icmp 111.222.0.10:5 172.16.0.1:5 111.222.0.254:5 111.222.0.254:5
icmp 111.222.0.20:6 172.16.0.2:6 111.222.0.254:6 111.222.0.254:6