NAT?

TacoReBELLion · ‎02-04-2021

Hello all,

This is my first forum posting ever, be gentle please.

I have a situation where a vendor equipment is set to an SMTP relay agent via IP. This IP cannot be changed without getting the vendor involved which takes quite a bit of time. So I am trying to figure out a way to translate the destination ip that the vendor device is sending but every example I am looking at has to apply to an interface.

Vendor device IP: 192.168.2.3/24

Original SMTP IP: 10.2.1.17/24

New SMTP IP: 10.2.1.95/24

I need 192.168.2.3 traffic destined for 10.2.1.17 to go to 10.2.1.95.

I am using a 9200 series switch behind a 4300 ISR router if that helps.

Georg Pauwen · ‎02-05-2021

Hello,

the below would translate all SMTP (TCP port 25) traffic from host 192.168.2.3 destined to 10.2.1.1.17 to 10.2.1.95.

ip nat pool SMTP_NEW 10.2.1.95 10.2.1.95 netmask 255.255.255.0
ip nat inside source list 101 pool SMTP_NEW
!
access-list 101 permit tcp host 192.168.2.3 host 10.2.1.17 eq smtp

That said, do you have NAT already configured on the ISR ?

TacoReBELLion · ‎02-05-2021

No, we do not have any existing NATs configured on the ISR.

Georg Pauwen · ‎02-05-2021

Hello,

do you want traffic destined for 10.2.1.17 just to be rerouted to 10.2.1.95 (meaning both are IP addresses assigned to real, existing systems), or do you want to change the address altogether ? That part is not clear. For the example I posted, you need NAT configured on the router. If you just want to change just the destination of the traffic, some sort of policy routing could be applied.

TacoReBELLion · ‎02-05-2021

My apologies, a replacement server has been installed and we are migrating from 10.2.17 to 10.2.1.95. Right now they are both real but afterwards only 10.2.1.95 will exist.

Also is there a benefit to using policy routing vs NAT?