Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
482
Views
5
Helpful
24
Replies

About Router NAT Configuration Consultation

Go to solution
haininghuang3185
Level 1
Level 1

‎09-05-2024 12:44 AM

I have a C1111 router and I configured the following static NAT.

ip nat inside source static 192.168.2.190 172.25.139.241

ip nat inside source static 192.168.2.191 172.25.139.242

ip nat inside source static network 192.168.2.0 192.168.61.0 /24

I would like to know whether the third static NAT configuration will conflict with the previous two static NAT configurations?

What I want to achieve is that 192.168.2.100 and 192.168.2.101 are NATed to 172.25.139.241 and 172.25.139.242 respectively, and the other addresses of 192.168.2.0/24 are NATed to 192.168.61.0/24

0 Helpful
24 Replies 24

Go to solution
paul driver
VIP
VIP
In response to haininghuang3185

‎09-05-2024 01:27 AM

Hello @haininghuang3185 
Nw I understand...so then you should be okay with the cfg you already have applied........however yet another option may be applicable would be to used nat " match-host"

ip nat pool POOL 192.168.61.1 192.168.61.254 prefix-length 24 type match-host
this will match inside local to inside global addressing


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to paul driver

‎09-05-2024 02:00 AM

İp nat Inside source static network

Not use pool at all. 

MHM

0 Helpful

Go to solution
paul driver
VIP
VIP

‎09-05-2024 02:49 AM - edited ‎09-05-2024 03:01 AM

Hello

@haininghuang3185 wrote:

Then I need to add the above configuration:

ip nat inside source static network 192.168.2.0 192.168.61.0 /24

I am not sure whether the newly added commands will conflict with the original NAT configuration.


No it WILL not conflict, you will be fine adding this, it will just create an additional permanent static mapping in the translation table along with the other two static mappings prior to any translation.
example::
Inside global               Inside local      
192.168.2.190           172.25.139.241
192.168.2.191           172.25.139.242
192.168.2.0               192.168.61.0


 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to paul driver

‎09-05-2024 02:55 AM

2.190 and 2.191 will always NAT usign first two NaT line and never NaT to 192.168.61.0

This conflict.

MHM

 

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to MHM Cisco World

‎09-05-2024 02:56 AM

@MHM Cisco World 
Can you elaborate?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to paul driver

‎09-05-2024 03:03 AM

Friend the router seach NAT for same ingress and egress for host  192.168.2.190 (example) one by one

First  it will match NAT

192.168.2.190           172.25.139.241

So it will not continue to match other NAT

192.168.2.0               192.168.61.0

that make 2.190 and 2.191 never NATing to 192.168.61.x 

And it worse if he add 

Ip nat inside source static network 

Above all other NAT.

So we need to find away to solve this conflict.

The idea I have is he use route-map for first two static NAT' where if source is 2.190/2.191 and destiantion is specfic then he will use these NAT 

If not the router will match last NAT

MHM

Go to solution
haininghuang3185
Level 1
Level 1
In response to MHM Cisco World

‎09-05-2024 03:03 AM

If so, then I can achieve my needs.

I want to achieve is that 192.168.2.100 and 192.168.2.101 are NAT to 172.25.139.241 and 172.25.139.242 respectively, and the other addresses of 192.168.2.0/24 are NAT to 192.168.61.0/24.

Go to solution
MHM Cisco World
VIP
VIP
In response to haininghuang3185

‎09-05-2024 03:05 AM

If that so there is not conflict you can use both NAT

MHM

0 Helpful

Go to solution
paul driver
VIP
VIP

‎09-05-2024 03:13 AM - edited ‎09-05-2024 03:15 AM

Hello 

@MHM Cisco World wrote:

that make 2.190 and 2.191 never NATing to 192.168.61.x 

So it will not continue to match other NAT
192.168.2.0               192.168.61.0

 


You are incorrect in your thinking
Remember these are the two single specific static nat mappings so they will NEVER nat to 192.168.61.x as they are STATIC (1-2-1 mapping)

So adding the any other none specified staitc network mapping will ONLY use the 192.168.2.0 <> 192.168.61.0 nat statement and not conflict 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
paul driver
VIP
VIP

‎09-05-2024 03:19 AM

@haininghuang3185 
Just to clarify once more , you will be okay to add that additional static network statement you do not require any route-map statement.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card