cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2180
Views
0
Helpful
4
Replies

how to source nat from public to private ip?

JamesS4
Level 1
Level 1

Pretty basic issue here (core problem of a larger issue)...  I have a port forward setup:

 

ip nat inside source static tcp 198.168.1.10 1111 [our public IP address] 1111 extendable

 

Works fine.  But I would like to NAT the source IP to be an internal address, which I do here:

 

ip nat outside source static [external Internet address] 198.168.1.11

 

NAT table looks as intended now:

Pro  Inside global         Inside local          Outside local         Outside global

tcp  [our public IP]:1111   192.168.10:1111    192.168.11:57164    [external Internet address]:57164

 

However, once I do this, the routing breaks.  I can't get back and I have an Incomplete ARP entry for 198.168.1.11.

 

I have attempted to correct this by adding in 

 

ip route 198.168.1.11 15 255.255.255.255 GigabitEthernet0/0  (our Internet connected interface)

 

Can anyone provide some insight into what is going on or how to troubleshoot?  Thanks

4 Replies 4

Please note:
This relates an original thread already open.  - here


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Jon Marshall
Hall of Fame
Hall of Fame

 

Adding the static route should have fixed it as it is to do with the order of NAT and routing. 

 

Instead of manually adding a route when you configure your "ip nat outside ..." statement do you have the "add-route" option you can use ? 

 

It is essentially doing the same thing but worth seeing if it does what you want. 

 

Jon

Hi Jon,

 

Paul from above has been very kindly providing suggestions in the other thread he linked to.  

 

I've tried the add-route option previously, but it did not make any difference.  I've just tried again now, but to avail.

Hello

Based on your last post in the other thread regards having two outside interfaces and wanting to nat internally atached is a working sample:



kind regards
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul