description connected to primary local area network
ip address 172.16.11.1 255.255.255.0
description PPP connection from remote-users and extranet router using DDR (may have any peer address 0.0.0.0 )
ip address unumbered FastEthernet0
Here are the translations I want to occurr
I want all incoming ip packets on interface Async5 that are being routed to 172.16.11.0 subnet to appear as though they are originating from the FastEthernet0 interface.
Note: This looks like it would be accomplished by using NAT overload but I believe that involves marking the FastEthernet0 interface as be ip nat outside which it is not.
I also want any incoming ip packet on interface Async5 with a destination address on subnet 10.33.33.0 to have their destination network address translated to 172.16.11.0 but I want the host portion of the address to remain unchanged
Note: I think this would involve creating a nat pool of type match-host
If someone could give me guidance on how to do this and perhaps even a sample configuration I would really appreciate it.
The part of the solution you suggested using NAT overload is basically what I tried. It does work but unfornately it does require that I mark the actual inside port as outside and vice versa which I had hoped to avoid.
For some reason the I was never able to get a hit on access-list for the "match-host" translation you suggested. I have however found an alternate solution using static translations that appears to be working well.
The command is as follows
ip nat outside source static network 172.16.11.0 10.33.33.0 /24
At any rate the needed translations are occurring now.
When we said the word “hybrid” in the past, it usually recalled the image of a new variety of plant or maybe an electric car. These days, it applies to the workplace too.
The future of work isn’t “changing” to a h...
Thanks for attending our Ask the Experts (ATXs) session! Here’s the post-session resources for easy reference.
New to ATXs? An ATXs session, offered at no cost, is an hour of real-time learning led by Cisco experts, who will answer your technology q...
Cisco Secure Endpoint
New packages fit for every organization
Every Cisco Secure Endpoint (formerly AMP for Endpoints) package comes with Cisco SecureX built-in. It’s our cloud-native platform that integrates all your security solutions into one view wit...
Our Cisco experts and guests chat about how the integration of Cisco Secure Firewall + Secure Workload is securely accelerating application delivery by allowing NetOps to start running at DevOps speed, and what that means for business success.