Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
310
Views
0
Helpful
1
Replies

NAT issue. 2 different Inside global IP addresses for one Inside local IP

MaximBudyonny
Level 1
Level 1

‎09-27-2006 09:43 AM - edited ‎03-03-2019 02:08 PM

Hi All,

I need to perform such trick:

One host from inside (inside local) connects to 2 different services binded to 2 different IP addresses (outside global).

I'm trying to do it with such NAT configuration.

for Service1

ip nat pool pool-4-97 10.88.4.97 10.88.4.97 prefix-length 28

Extended IP access list list-97

10 permit tcp host 10.0.0.75 gt 1023 host 172.23.200.11 eq 2323

ip nat inside source list list-97 pool pool-4-97 overload

for Service2

ip nat pool pool-4-100 10.88.4.100 10.88.4.102 prefix-length 28

Extended IP access list list-100

10 permit tcp host 10.0.0.75 gt 1023 host 172.23.100.49 eq 4555

ip nat inside source list-100 pool pool-4-100

When I'm trying to connect from host 10.0.0.75 to 172.23.100.49:4555 I can see

from the output of 'debug ip nat' that Cisco creates NAT translation but translates not to IP address from pool pool-4-100 but to IP address from pool pool-4-97

NAT entry for service1 is upper in Cisco?s config than NAT entry for service 2 and occurred 'first match wins'.

But it?s wrong. Destination hosts are clearly set in the access lists.

How can I enforce NAT to perform translation according to access list?

Can 'ip nat inside source route-map' helps to solve this issue?

Labels:
0 Helpful
1 Reply 1

MaximBudyonny
Level 1
Level 1

‎09-27-2006 10:53 AM

OK I changed configuration of NAT entry to

ip nat inside source route-map

and it works properly.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card