
Funky NAT Pool


Trying to do a workaround for a SQL/application related problem. Per customer's security requirements, they're only using a single source IP for a single destination IP. The SQL/app problem is that while there are multiple connections from the same source IP, with different source ports, the SQL/app end rejects more than one user when a query is issued. So I thought we could just NAT that single IP out to a pool and that would allow the destination to see multiple source IPs. Unfortunately, I haven't been able to get it to work yet, but then again, I haven't had to do a NAT pool in a very long time. Here's what I've got:

int tunnel 8

ip nat inside

int vlan 10

ip addr

ip nat outside

ip route

ip nat pool Cust netmask
ip nat outside source list Cust_out pool Cust add-route

access-list extended Cust_out
permit ip host any

We also have another static NAT for the destination IP:

ip nat inside source static

VLAN10 is a LAN interface in a DMZ.


Marwan ALshawi
VIP Alumni

What you do is create a NAT pool with the same IP as the start and end of the range.

In the nat command, use the overload keyword to make it like static NAT and dynamic PAT.

ip nat pool pool1 netmask

access-list 100 permit ip host any

ip nat inside source list 100 pool pool1 overload

And make sure to remove the old NAT config, and that the source interface has ip nat inside and the outgoing interface has ip nat outside.

Hope this helps.
