03-20-2007 01:25 AM - edited 03-11-2019 02:49 AM
Hi,
I have the following requirement....
I would like to NAT 3 public ip addresses to one inside ip address and same destination port.
What I mean is.... say for example I have the following 3 public ip address 85.x.x.1, 85.x.x.2 & 85.x.x.3.... so whenever anybody from internet trys to access 85.x.x.1-3 on say tcp port number 25 it should get translated to the one single inside ip 10.x.x.10 tcp port 25....
Hope my requirement is clear...
How to acheive this ?? anybody suggest me on this pls...
Regards
03-20-2007 07:36 AM
This should be simple enough. Do you want to send ports to different internal servers? or a simple one to one nat?
if you want a simple one to one nat, just click on the NAT tab on the configuration screen, and create a nat from the Private IP to the Public or External IP. You should be able to make as many as you want.
If you want to route say port 25 to a different server, and have say port 80 go to a different server, the process is simular, however use the PAT "Port Address Translation" checkbox.
I hope this helps.
03-20-2007 07:46 AM
If you attempt the following...
static (inside,outside) 85.x.x.1 10.x.x.10 netmask 255.255.255.255
static (inside,outside) 85.x.x.2 10.x.x.10 netmask 255.255.255.255
or
static (inside,outside) tcp 85.x.x.1 smtp 10.x.x.10 smtp netmask 255.255.255.255
static (inside,outside) tcp 85.x.x.2 smtp 10.x.x.10 smtp netmask 255.255.255.255
you will receive this "ERROR: duplicate of existing static".
03-20-2007 10:01 PM
Hi,
Yes acomiskey, I'm getting the same error and I really want to acheive the same as you had mentioned.... so whats the way out to solve this issue....
It would be of really a great help if someone help me to solve this issue....
Thanks
03-21-2007 08:27 AM
Not sure that you can do that, but you can do this..
static (inside,outside) tcp 85.x.x.1 smtp 10.x.x.10 smtp netmask 255.255.255.255
static (inside,outside) tcp 85.x.x.2 www 10.x.x.10 www netmask 255.255.255.255
06-12-2007 09:00 PM
Hi,
I'm running the same limitation, where my customer has only one SPAM/Relay, wich is the Barracuda that serves two different domains, so each domain has a unique MX, lets say IP "1.1.1.1" for domain "A.COM" and IP "2.2.2.2" for domain "B.COM".
So I tried exactly the same, doing:
static (inside,outside) tcp 1.1.1.1 25 X.X.X.X 25 netmask 255.255.255.255 0 0
static (inside,outside) tcp 2.2.2.2 25 X.X.X.X 25 netmask 255.255.255.255 0 0
In this case, run the MX on different IPs is required to do right reverse DNS lookups.
So, the idea is to have one local IP being NATed to two global IPs.
Today, he haves a linux based firewall that allows it, so is very complicated to explain why Cisco can?t do that...
If you found some solution, please notify me.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: