09-15-2003 05:38 PM - edited 03-02-2019 10:21 AM
If I have a single external static ip address of 219.21.23.1 . Is it possible for me to NAT this single static ip address to an internal subnet of 192.168.100.0 255.255.255.252. Is this possible? Thanks.
ip nat inside source static 192.168.100.0 255.255.255.252 219.21.23.1
09-15-2003 09:56 PM
Static NAT implies that you associate one external IP address with only one internal IP address.
To statically NAT subnet 192.168.100.0/30 - 4 host subnet, from whic only two are IP addresset that can be assigned to hosts, you need 2 public IP addresses.
If you don't have two public IP addresses, then you can configure dynamic NAT with the overload facility. With this facilitu you can NAt two or more private IP addresses into one public IP address.
The commands to implement this feature in the router:
ip nat inside source list 10 pool NET1 overload
ip nat pool NET1 219.21.23.1 219.21.23.1 prefix-length 24
access-list 10 permit 192.168.100.0 0.0.0.3
09-15-2003 10:45 PM
Thanks Liviu, what if I just want the external static ip address 219.21.23.1 to be NAT to just two internal ip address 192.168.100.9 and 192.168.100.10 . Is it possible and what is the code?
09-15-2003 10:58 PM
Static NAT is possible between 219.21.23.1 and only one internal address. The code for this is:
ip nat inside source static 192.168.100.9 219.21.23.1
Cheeers
09-16-2003 05:56 AM
If you only have one legal IP and your goal is to NAT the whole subnet, but you have some servers (like www or smtp) on the private network, you could use PAT and extendable NAT to do port mappings to the internal www or smtp servers:
http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a0080093e51.shtml
09-16-2003 10:20 PM
Thanks Jamey,
Does this mean with PAT I can do this:
ip nat inside source list 10 interface Ethernet 1 overload
ip nat inside source static tcp 192.168.100.5 80 219.21.23.1 80 extendable
ip nat inside source static tcp 192.168.100.6 80 219.21.23.1 80 extendable
ip nat inside source static tcp 192.168.100.8 1352 219.21.23.1 1352 extendable
ip nat inside source static tcp 192.168.100.12 1352 219.21.23.1 1352 extendable
ip nat inside source static tcp 192.168.100.13 smtp 219.21.23.1 smtp extendable
ip nat inside source static tcp 192.168.100.14 smtp 219.21.23.1 smtp extendable
ip nat inside source static tcp 192.168.100.26 telnet 219.21.23.1 telnet extendable
access-list 10 permit 192.168.100.0 0.0.0.255
This is really what I want to do. Two Lotus notes servers, 2 smtp servers, telnet, 2 web servers mapped to the same External Ip address 219.21.23.1. I really need this functionality for clustering servers.
09-17-2003 06:59 AM
You're going to need more legal IPs. The server will not know if say an smtp request comes in to 219.21.23.1 tcp port 25 which internal server to send it to 192.168.100.13 or 192.168.100.14.
Idealy you would have one legal IP for each internal server and one legal IP for use with PAT for the regular PC clients.
I'd try to get more legal IPs from your ISP.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide