cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco announces new innovations in SD-WAN, ISRs, SD-WAN Services, and Catalyst 9000 Series switches


94
Views
0
Helpful
4
Replies
Beginner

how to source nat from public to private ip?

Pretty basic issue here (core problem of a larger issue)...  I have a port forward setup:

 

ip nat inside source static tcp 198.168.1.10 1111 [our public IP address] 1111 extendable

 

Works fine.  But I would like to NAT the source IP to be an internal address, which I do here:

 

ip nat outside source static [external Internet address] 198.168.1.11

 

NAT table looks as intended now:

Pro  Inside global         Inside local          Outside local         Outside global

tcp  [our public IP]:1111   192.168.10:1111    192.168.11:57164    [external Internet address]:57164

 

However, once I do this, the routing breaks.  I can't get back and I have an Incomplete ARP entry for 198.168.1.11.

 

I have attempted to correct this by adding in 

 

ip route 198.168.1.11 15 255.255.255.255 GigabitEthernet0/0  (our Internet connected interface)

 

Can anyone provide some insight into what is going on or how to troubleshoot?  Thanks

4 REPLIES
Highlighted
VIP Advisor

Re: how to source nat from public to private ip?

Please note:
This relates an original thread already open.  - here



kind regards
Paul

Please don't forget to rate any posts that have been helpful.
Hall of Fame Guru

Re: how to source nat from public to private ip?

 

Adding the static route should have fixed it as it is to do with the order of NAT and routing. 

 

Instead of manually adding a route when you configure your "ip nat outside ..." statement do you have the "add-route" option you can use ? 

 

It is essentially doing the same thing but worth seeing if it does what you want. 

 

Jon

Beginner

Re: how to source nat from public to private ip?

Hi Jon,

 

Paul from above has been very kindly providing suggestions in the other thread he linked to.  

 

I've tried the add-route option previously, but it did not make any difference.  I've just tried again now, but to avail.

VIP Advisor

Re: how to source nat from public to private ip?

Hello

Based on your last post in the other thread regards having two outside interfaces and wanting to nat internally atached is a working sample:



kind regards
Paul


kind regards
Paul

Please don't forget to rate any posts that have been helpful.
CreatePlease to create content
Content for Community-Ad

Blog-Cisco Community Designated VIP Class of 2019