Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2762
Views
0
Helpful
3
Replies

NAT SNAT and DNAT at the same time?

switched switch
Level 1
Level 1

‎08-16-2017 07:57 AM - edited ‎03-05-2019 09:00 AM

Hi All,
I have devices on our inside LAN (10.0.0.0/24) that are hardcoded to speak to an IP address: 1.1.1.1. Now 1.1.1.1 is being decomissioned, and I want to ensure that when our internal hosts route attempt to route to 1.1.1.1 they are forwarded to 2.2.2.2 instead (NAT adjusts the destination address).

ip nat outside source static 2.2.2.2 1.1.1.1

I believe the above does it.
But, I also need to ensure that the internal hosts (10.0.0.0/24) are natted to a public address (3.3.3.3) on the same router the above NAT is happening.

So for example when 10.0.0.0/24 route to 1.1.1.1, I want to change the source IP to 3.3.3.3 and change destnation to 2.2.2.2.
When 10.0.0.0/24 sends to anywhere else, just make source IP 3.3.3.3.


ip access-list standard NATPOOL
 permit 10.0.0.0 0.0.0.255
 
ip nat pool NATPOOL 3.3.3.3 3.3.3.3 netmask 255.255.255.0
ip nat inside source list NATPOOL pool NATPOOL overload

THe issue is when I want to specify the source address as 10.0.0.0/24 going to 1.1.1.1 it doesnt apppear to be getting NATed and the routing is failing.

ip nat pool NATPOOL-2 2.2.2.2 2.2.2.2 netmask 255.255.255.0
ip nat outside source route-map RMAP pool NATPOOL-2

ip access-list extended NAT
 permit ip 10.0.0.0 0.0.0.255 host 1.1.1.1

route-map RMAP permit 10
 match ip address NAT


Can someone assist on the above?

Labels:
0 Helpful
3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

‎08-16-2017 10:07 AM

So you always want 10.0.0.0/24 to be translated 3.3.3.3 but also 1.1.1.1 to 2.2.2.2 ?

Jon

0 Helpful

paul driver
VIP
VIP

‎08-16-2017 01:51 PM

Hello
Can you try either of these please:

ip nat outside source static 2.2.2.2 1.1.1.1 add-route

or

ip route 1.1.1.1 255.255.255.255 2.2.2.2

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

switched switch
Level 1
Level 1
In response to paul driver

‎08-22-2017 03:22 AM

Hi Paul and John,

Apologies for not replying sooner.

There has been a change in direction on this solution as it appears we are not able to DNAT due to limitations on the systems. Unfortunately because of this, I wasnt able to progress this any further.

Many thanks

0 Helpful
Customers Also Viewed These Support Documents