cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
741
Views
7
Helpful
24
Replies

About Router NAT Configuration Consultation

I have a C1111 router and I configured the following static NAT.

ip nat inside source static 192.168.2.190 172.25.139.241

ip nat inside source static 192.168.2.191 172.25.139.242

ip nat inside source static network 192.168.2.0 192.168.61.0 /24

I would like to know whether the third static NAT configuration will conflict with the previous two static NAT configurations?

What I want to achieve is that 192.168.2.100 and 192.168.2.101 are NATed to 172.25.139.241 and 172.25.139.242 respectively, and the other addresses of 192.168.2.0/24 are NATed to 192.168.61.0/24

3 Accepted Solutions

Accepted Solutions

Hello


@haininghuang3185 wrote:

Then I need to add the above configuration:

ip nat inside source static network 192.168.2.0 192.168.61.0 /24

I am not sure whether the newly added commands will conflict with the original NAT configuration.



No it WILL not conflict, you will be fine adding this, it will just create an additional permanent static mapping in the translation table along with the other two static mappings prior to any translation.
example::
Inside global               Inside local      
192.168.2.190           172.25.139.241
192.168.2.191           172.25.139.242
192.168.2.0               192.168.61.0


 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Friend the router seach NAT for same ingress and egress for host  192.168.2.190 (example) one by one

First  it will match NAT

192.168.2.190           172.25.139.241

So it will not continue to match other NAT

192.168.2.0               192.168.61.0

that make 2.190 and 2.191 never NATing to 192.168.61.x 

And it worse if he add 

Ip nat inside source static network 

Above all other NAT.

So we need to find away to solve this conflict.

The idea I have is he use route-map for first two static NAT' where if source is 2.190/2.191 and destiantion is specfic then he will use these NAT 

If not the router will match last NAT

MHM

View solution in original post

@haininghuang3185 
Just to clarify once more , you will be okay to add that additional static network statement you do not require any route-map statement.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

24 Replies 24

There is no such this command 

ip nat inside source static network 192.168.2.0 192.168.61.0 /24

What try to do here?

MHM

There is such a command, which I can configure on the C1111 router. Now I need to add a command, which is ip nat inside source static network 192.168.2.0 192.168.61.0 /24, but I am not sure whether this command will affect my original two commands
ip nat inside source static 192.168.2.190 172.25.139.241
ip nat inside source static 192.168.2.191 172.25.139.242

 

1.png

Friends there is 

One to one 

One to many (using pool)

But there is No 

Many to many 

MHM

Hello friend,

this command is also one-to-one NAT, which is to implement one-to-one NAT of the entire address segment, 192.168.2.0/24 NAT 192.168.61.0/24

You can look at this post

https://community.cisco.com/t5/routing/static-nat-for-a-complete-subnet/m-p/1297182#M122385

First time I see such this command,

But you are correct

It one to one if both real and mapped IP use same prefix

And there is no conflict since the real and mapped IP not use in other NAT

MHM

Hello


@MHM Cisco World 

But there is No 

Many to many
MHM


incorrect yes there is such a feature that can be used  like - ip nat inside source static network 192.168.2.0 192.168.61.0 /24


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Sorry but why the original post show 

192.168.2.0 and screenshot 192.168.100.0?

If it 192.168.100.0 this command not conflict 

If it 192.168.2.0 then there is conflicts 

MHM

I currently need to add a command to the original configuration
ip nat inside source static network 192.168.2.0 192.168.61.0 /24

Are the ingress and egress of both NAT same?

İf not then there is no issue if same then there is conflict. 

MHM