NAT source and destination

sebastian.lemke · ‎10-08-2010

Hello friends,

please investigate the attached topology.

I want to do NAT on Router B, and the router shall NAT source and destination of an IP packet. How do I configure this?

Which interface is inside, which is outside?

Is this possible at all?

Dan-Ciprian Cicioiu · ‎10-08-2010

Hi ,

you can try :

int fa0/1
ip nat inside
int fa0/0
ip nat outside

ip nat source static 192.168.1.2 10.10.10.40
ip nat source static 3.3.3.3 192.168.1.1

Dan

sebastian.lemke · ‎10-08-2010

Thanks for your reply. It didn't work unfortunately.

I found an interesting website which helped me finding a solution:

So, basic IP NAT works now! I have configured the following on Router B:

int fa0/0

ip nat inside

int fa0/1

ip nat outside

ip nat inside source static 3.3.3.3 192.168.1.1

ip nat outside source static 192.168.1.2 10.10.10.40

ip route 10.10.10.40 255.255.255.255 192.168.1.2

This config works!

But: Let's go one step ahead: What I exactly need is, to only nat ICMP / SSH / TELNET traffic from 192.168.1.2 to 10.10.10.40.

TELNET and SSH are no big problems, you can use this commands on Router B:

ip nat outside source static tcp 192.168.1.2 23 10.10.10.40 23 extendable

ip nat outside source static tcp 192.168.1.2 22 10.10.10.40 22 extendable

This works fine. But what do I do with ICMP? As ICMP is not running in TCP or UDP, I can't configure it with static NAT.

Please help