NAT multiple external IP to internal IPs
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-06-2015 11:18 PM - edited 03-05-2019 02:53 AM
Hi,
I have been trying to map internal IP to external IP. I have 5 public IPs.
This works fine if I use this command, ip nat inside source static 10.2.1.101 200.100.16.1. but this bypass the NAT rules and now the server is fully accessible from the internet.
I've come up with this solution by now I'm wondering if I can actually just map only one IP to a public IP, that is
10.2.1.101 -> 200.100.16.1
10.2.1.102 -> 200.100.16.2
My solution which works but I'm finding myself having to assign a group of IPs to a public IP. See my running config below.
access-list 30 permit 10.2.1.0 0.0.0.127
access-list 31 permit 10.2.1.128 0.0.0.255
And the overload it using the following.
ip nat pool serverPOOL1 200.100.16.1 200.100.16.1 netmask 255.255.255.248
ip nat pool serverPOOL2 200.100.16.2 200.100.16.2 netmask 255.255.255.248
ip nat inside source list 30 pool serverPOOL1 overload
ip nat inside source list 31 pool serverPOOL2 overload
Any suggestion is highly appreciated. I think the way I'm doing this is not the right way.
Cheers theo.
- Labels:
-
Other Routing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-08-2015 07:24 AM
You can configure a PAT to a single host and port-
ip nat inside source static tcp 192.168.0.5 3389 198.51.0.55 3389
You can also do a full NAT-
ip nat inside source static 192.168.0.52 198.51.0.55
No need to use pools. HTH
