cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
321
Views
15
Helpful
5
Replies
Beginner

Nat Two different public IP address to one private IP

Hi, everybody,

I have a web server: 192.168.7.1/24 connected to a router and the router  connected to two ISP like this:

 

                                                          ISP1(1.1.1.1)------\

   "WebServer"---->Core--->Router[                                 ==> 3.3.3.3

                                                          ISP2(2.2.2.1)------/

I want 3.3.3.3 ping My WebServer by 1.1.1.20 and 2.2.2.20, I mean if ISP1 is unreachable then WebServer be in access from ISP2,  assume nat and routing on 3.3.3.3 is ok, I wrote a NAT:

---IP nat inside source static 192.168.7.1 1.1.1.20---

what should I do to have redundancy between NATs? This nat "IP nat inside source static 192.168.7.1 2.2.2.20" is not allowed (% 192.168.7.1 already mapped (192.168.7.1 -> 1.1.1.20). I have IP SLA to check IPS1 and ISP2.

 

 

Everyone's tags (1)
2 ACCEPTED SOLUTIONS

Accepted Solutions
VIP Mentor

Re: Nat Two different public IP address to one private IP

Hello,

 

try and use the 'extendable' keyword:

 

R1(config)#ip nat inside source static 192.168.7.1 1.1.1.20 extendable
R1(config)#ip nat inside source static 192.168.7.1 2.2.2..20 extendable

VIP Mentor

Re: Nat Two different public IP address to one private IP

Hello,

 

you could add the two EEM scripts below, in order to remove the redundant static NAT entry altogether if it is not in use. The script also clears the existing NAT translation so you don't have to wait for the it to time out...

 

Edit: Thinking about it again, I changed the order of the actions and put the 'clear ip nat translation *" at the end.

 

event manager applet CLEAR_NAT_DOWN
event track 1 state down
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 5.0 cli command "end"

action 6.0 cli command “clear ip nat translation *”

 

event manager applet CLEAR_NAT_UP
event track 1 state up
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 5.0 cli command "end"

action 6.0 cli command “clear ip nat translation *”

 

5 REPLIES 5
VIP Mentor

Re: Nat Two different public IP address to one private IP

Hello,

 

try and use the 'extendable' keyword:

 

R1(config)#ip nat inside source static 192.168.7.1 1.1.1.20 extendable
R1(config)#ip nat inside source static 192.168.7.1 2.2.2..20 extendable

Beginner

Re: Nat Two different public IP address to one private IP

tnx it works, webServer is accessed from both ISP1 and IPS2 but if IPS1 is not accessible, the Webserver cannot ping 3.3.3.3 !!!
VIP Advisor

Re: Nat Two different public IP address to one private IP

Hello


@hadi riyahiyan wrote:
tnx it works, webServer is accessed from both ISP1 and IPS2 but if IPS1 is not accessible, the Webserver cannot ping 3.3.3.3 !!!

Sounds like you need some monitoring on your routing, Below is a example of using default routing towards your isp's?


ip sla 1
icmp-echo <iSP1> source-ip <isp facing interlace ip>
ip sla schedule 1 life forever start-time now


track 10 ip sla 1


ip route 0.0.0.0 0.0.0.0 <isp1> name Primary_ISP track 10
ip route 0.0.0.0 0.0.0.0 <isp2> name Secondary_ISP 200

 



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Beginner

Re: Nat Two different public IP address to one private IP

thank you for your answer, I have IPSLA now but the problem is
in:
ip nat inside source static 192.168.7.1 1.1.1.20 extendable
ip nat inside source static 192.168.7.1 2.2.2..20 extendable
first NAT always run before the second one, so if ISP 1.1.1.1 is not in access router keep NATing by first NAT while web server will route by
"ip route 0.0.0.0 0.0.0.0 <isp2> name Secondary_ISP 200" (because of IPSLA) !!!
I want automatically NAT changed to "ip nat inside source static 192.168.7.1 2.2.2..20 extendable"
VIP Mentor

Re: Nat Two different public IP address to one private IP

Hello,

 

you could add the two EEM scripts below, in order to remove the redundant static NAT entry altogether if it is not in use. The script also clears the existing NAT translation so you don't have to wait for the it to time out...

 

Edit: Thinking about it again, I changed the order of the actions and put the 'clear ip nat translation *" at the end.

 

event manager applet CLEAR_NAT_DOWN
event track 1 state down
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 5.0 cli command "end"

action 6.0 cli command “clear ip nat translation *”

 

event manager applet CLEAR_NAT_UP
event track 1 state up
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 5.0 cli command "end"

action 6.0 cli command “clear ip nat translation *”

 

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards