cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
874
Views
0
Helpful
4
Replies

Conditional Static NAT

rbradshaw85
Level 1
Level 1

Hi

Is the following possible and how can I achieve it? (I'm sure it is)

I want to set up a one to one NAT only for 1 external IP.

So if my router had the following:

Inside IP: 10.0.0.1
Outside IP: 12.12.12.12

Inside server: 10.0.0.10
External client: 15.15.15.15

How can I configure the router so it only allowed the one to one NAT translation for connections coming from the external client to the internal server?

All other external IPs would not be NAT'd.

Thanks in advance
Ryan.

4 Replies 4

Ryan,

you could use static NAT. On your router, configure the following statement:

ip nat outside source static 15.15.15.15 10.0.0.10

On the interface with IP address 12.12.12.12, configure 'ip nat outside'.

On the interface with IP address 10.0.0.1, configure 'ip nat inside'.

That should do it...

Thanks for the reply.

The external client IP address isn't part of my external address pool so surely this would not work? I just labbed it and it wasn't successful.

I am familiar with static NAT, but I am not sure if the solution lies in a NAT/route-map of some sort, even though i have tried a few different variations with no success.

Sorry for the misunderstanding. What is the external address pool ? What is the external client IP address ? Are these public IP addresses ?

Ryan,

I am looking at NAT Route Maps Outside-to-Inside Support Feature, which allows IP sessions to be initiated from the outside to the inside. It doesn't work with static NAT, so you need to configure a pool with just one IP address, the address of your server:

ip nat pool SERVER 10.0.0.1 10.0.0.1 netmask 255.255.255.255
ip nat inside source route-map INT_SERVER pool SERVER reversible

Review Cisco Networking for a $25 gift card