NAT Destination Addresses of packets from a source pool

allan.sydney · ‎12-06-2010

I am trying to nat the destination addresses of packets.

if i use a static nat rule this works.

ip nat outside source static 9.10.11.12 5.6.7.8

so my packets from source address 1.2.3.4 are being sent by their dumb app to 5.6.7.8 and my router is sending rewriting the destination addresses to 9.10.11.12. this is fine.

however, i want only packets from source address 1.1.1.0/24 to be affected by this nat and not all packets.

to try and do this i have created a rotary pool

ip nat pool POOL3 9.10.11.12 9.10.11.12 netmask 255.255.255.0 type rotary

ip nat outside source list acltest pool POOL3

access-list extended acltest

permit ip 1.1.1.1 0.0.0.255 host 5.6.7.8 log

however this doesnt seem to work.

any ideas?

my router is a cisco 2651xm

many thanks

Daniele Giordano · ‎12-06-2010

Try using route-map. This is only an example:

ip nat outside source static 9.10.11.12 5.6.7.8 route-map Special_App

route-map Special_App permit 10
match ip address 150

access-list 150 permit ip 1.1.1.1 0.0.0.255 host 5.6.7.8

Best regards.

Daniele Giordano · ‎12-06-2010

More info here: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml

Bye.

Jon Marshall · ‎12-06-2010

Have you actually tried applying this config ?

The doc you linked to only uses ip nat inside examples. I have 12.4 and do not have the option for "ip nat outside source static..." with a route-map. It is only available for "ip nat inside source static...".

I agree with your config i'm just not sure it is supported at least not up to 12.4.

Jon

Daniele Giordano · ‎12-06-2010

You have right.

Try this:

p nat pool POOL 9.10.11.12 9.10.11.12 netmask 255.255.255.0

ip nat outside source route-map SPEC_APP pool POOL

route-map SPEC_APP permit 10
match ip address 150

access-list 150 permit ip 1.1.1.1 0.0.0.255 host 5.6.7.8

Bye.