Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2028
Views
0
Helpful
4
Replies

how to source nat from public to private ip?

JamesS4
Level 1
Level 1

‎01-11-2019 08:06 AM - edited ‎03-05-2019 11:10 AM

Pretty basic issue here (core problem of a larger issue)...  I have a port forward setup:

 

ip nat inside source static tcp 198.168.1.10 1111 [our public IP address] 1111 extendable

 

Works fine.  But I would like to NAT the source IP to be an internal address, which I do here:

 

ip nat outside source static [external Internet address] 198.168.1.11

 

NAT table looks as intended now:

Pro  Inside global         Inside local          Outside local         Outside global

tcp  [our public IP]:1111   192.168.10:1111    192.168.11:57164    [external Internet address]:57164

 

However, once I do this, the routing breaks.  I can't get back and I have an Incomplete ARP entry for 198.168.1.11.

 

I have attempted to correct this by adding in 

 

ip route 198.168.1.11 15 255.255.255.255 GigabitEthernet0/0  (our Internet connected interface)

 

Can anyone provide some insight into what is going on or how to troubleshoot?  Thanks

Labels:
0 Helpful
4 Replies 4

paul driver
VIP
VIP

‎01-11-2019 12:10 PM - edited ‎01-11-2019 12:10 PM

Please note:
This relates an original thread already open.  - here


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎01-11-2019 12:24 PM - edited ‎01-11-2019 12:25 PM

 

Adding the static route should have fixed it as it is to do with the order of NAT and routing. 

 

Instead of manually adding a route when you configure your "ip nat outside ..." statement do you have the "add-route" option you can use ? 

 

It is essentially doing the same thing but worth seeing if it does what you want. 

 

Jon

0 Helpful

JamesS4
Level 1
Level 1
In response to Jon Marshall

‎01-11-2019 12:50 PM

Hi Jon,

 

Paul from above has been very kindly providing suggestions in the other thread he linked to.  

 

I've tried the add-route option previously, but it did not make any difference.  I've just tried again now, but to avail.

0 Helpful

paul driver
VIP
VIP
In response to JamesS4

‎01-11-2019 01:46 PM

Hello

Based on your last post in the other thread regards having two outside interfaces and wanting to nat internally atached is a working sample:



kind regards
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
sample.png
Preview file
32 KB
sample NAT.txt
Preview file
3 KB
0 Helpful
Top