Re: How to differ NAT by outside interface on router C891F

Eurenergy · ‎11-19-2018

Hello experts,

i've benn reading many articles about how to setup NAT but didn't find an answer for my "special case" with natting across vlans but not to the internet

I want to do the following:

I've three vlan interfaces

- if1 has ip address 10.10.10.1/24,

- if2 has ip address 10.10.20.1/24,

- if 3 has ip address 10.10.30.1/24

if 1 may be an inside interface

- behind it there's a server with ip-address 10.10.10.5

if 2 may be an outside interface

- On this interface I'd like to NAT the inside 10.10.10.5 to outside 10.10.20.5

if 3 may be another outside interface

- On this interface I'd like to NAT the inside 10.10.10.5 to (different) outside adress: 10.10.30.5

so

- a user coming from internal network behind if 2 can access the server using the ip 10.10.20.5

- a user coming from internal network behind if 3 can access the server using the ip 10.10.30.5

can this be configured on a cisco C891F router ? How to do that ?

Thanks for any help

Georg Pauwen · ‎11-24-2018

Hello,

it is unclear from your post what you want to translate to what. Post a schematic drawing that visualizes what you are trying to achieve...

Eurenergy · ‎11-26-2018

Hi Georg,

I've attached my schematic drawing.

I found that in an ASA I could write:

static (vlan1, vlan2) 10.10.10.5 10.10.20.5 netmask 255.255.255.255

static (vlan1, vlan3) 10.10.10.5 10.10.30.5 netmask 255.255.255.255

but for the IOS router I didn't find something like that; looks like I only can declare one single NAT-roule per inside source:

ip nat inside source static 10.10.10.5 10.10.20.5

Interface vlan 1

ip address 10.10.10.1 255.255.255.0

ip nat inside

Exit

Interface vlan 2

ip address 10.10.10.2 255.255.255.0

ip nat outside

exit

--> so - no Chance to declare a different translation roule to vlan 3 ?