cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

84
Views
0
Helpful
2
Replies
john.wright
Participant

natting inside address range to another inside address range private to private

Is it possible to nat as required by the below parameter's?

We wish to nat 192.168.200.0/24 (our private MPLS will not route any 192.168.x.x subnets by design) to another private range that our MPLS will route; 10.52.1.0/24.

We also wish to do the above nat only when the destination is on our private MPLS. Otherwise if the 192.168.200.0/24 is accessing the internet we wish to nat it to the outside public address.

2 REPLIES 2
Oliver Kaiser
Rising star

Hi John

Yes this is possible and used in scenarios like yours. You may use a Twice-NAT rule to NAT your network to another range in case the destination matches your MPLS ip range.

Sample configuration that will NAT LAN_INSIDE to LAN_INSIDE_NAT if traffic is traffic is sent from LAN_INSIDE to LAN_MPLS.

nat (inside,mpls) source static LAN_INSIDE LAN_INSIDE_NAT destination static LAN_MPLS LAN_MPLS net-to-net

Mark as helpful if this answers your question.

kaisero

Thank you very much for the response.

I am unclear about the config parameters inside the parenthesis (inside,mpls)

My understanding of what config items need to be in the parenthesis is this: " inside and mpls must be an interface on the FW".

So we would need to create an interface called MPLS which would be the network(vlan) of the MPLS router that we will install and the routable subnet; is that correct?

A second question:

In my example networks used above; the 192.168 is the inside network and the 10.52 is to be the IP address range of the MPLS router LAN side IP address we will install and the natted range that is allowed to route over our MPLS.. So in your example above how would I code the object networks?

Content for Community-Ad