Hello.

I have a nat and vpn setup on my Cisco 2801 router.

Everything is working as expected except the NAT.  I have a single static nat translation but it only works for inbound and not outbound.  Going outbound, it uses the default overload nat address of the outside interface.

Here is the relevant part of the config.

ip nat inside source list 110 interface FastEthernet0/0 overload
ip nat inside source static 192.168.2.45 74.218.119.220 route-map static-nat

!
access-list 100 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit tcp any host 74.218.119.220 eq 3389
access-list 101 permit ip 207.166.204.0 0.0.0.255 any
access-list 101 permit ahp host 207.166.204.2 host 74.218.119.211
access-list 101 permit esp host 207.166.204.2 host 74.218.119.211
access-list 101 permit udp host 207.166.204.2 host 74.218.119.211 eq isakmp
access-list 101 permit udp host 207.166.204.2 host 74.218.119.211 eq non500-isakmp
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 105 permit udp any any eq 4569
access-list 105 permit udp any any eq 5060
access-list 105 permit tcp any any eq 5060
access-list 105 permit ip any any tos min-delay
access-list 110 deny   ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 110 permit ip 192.168.2.0 0.0.0.255 any
access-list 120 deny   ip host 192.168.2.45 192.168.1.0 0.0.0.255
access-list 120 permit ip host 192.168.2.45 any
snmp-server community public RO
!
route-map static-nat permit 10
match ip address 120

Basically the problem is this.

I want to add another mailserver.  But I fear if one mailserver were to get black-listed, they would both be reporting there ip address as the same address (the one on the ethernet interface) which would blacklist both mail servers.

Again, inbound nat works ok, but outbound is just using the IP of the ethernet0/0 address.

Please help!