05-14-2015 02:35 PM - edited 03-05-2019 01:28 AM
I have a cisco 3750 where all my servers are connected & the uplink is to a 2921 router .
2921 has two interface G0/0 (Internal) connected to 3750 & G0/1 (External).
Now I want all my hosts to go to the external network without natting ,but want 1 host to nat when going to a specific IP in the external network . how will i be able to do this
05-14-2015 02:46 PM
Couple of questions -
1) will the connection always be initiated from the inside host or can it be initiated from the external host as well ?
2) what do you want to NAT it to eg. the outside interface IP of the 2921 or a different IP ?
Jon
05-14-2015 02:47 PM
It would be a two way connection .
I want to NAT it to 172.17.62.5.
Original IP of the host is 192.168.62.5, also rest of the hosts are in the 192.168.1.0\24 range but i don't want them to be effected.
05-15-2015 05:36 PM
Okay, if either side can initiate the connection then it needs to be a static NAT statement ie.
external IP = 172.16.10.2
int gi0/0
ip nat inside
int gi0/1
ip nat outside
access-list 101 permit ip host 192.168.62.5 host 172.16.10.2
route-map <rmap name> permit 10
match ip address 101
ip nat inside source static 192.168.62.5 172.17.62.5 route-map <rmap name>
Jon
12-25-2022 04:15 PM
It's not working some how, Is it good to share observations to get that worked?
ip nat inside source static 192.168.3.1 10.10.10.101 route-map NAT1
access-list 101 permit ip host 192.168.3.1 host 192.168.2.1
route-map NAT1 permit 10
match ip address 101
R1(config)#do ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/68/72 ms
R1(config)#do sh ip nat tra
Pro Inside global Inside local Outside local Outside global
R1(config)#
12-25-2022 05:07 PM
you need post your topology and full config for us to understand - technically the steps should work :
the request need to come from external IP 10.10.10.101 (in your case)
check below guide:
12-26-2022 11:20 AM
Hi Balaji. Bandi,
Thanks for your reply, It is working. I was trying to generate traffic from the router instead of the PC and was looking forward to NAT translate. I know it's silly but I realized it today and validated it. Which is working.
Thanks for your response.
Karan Mandaliya
12-26-2022 01:17 PM
Glad all working as expected, we mark as resolved now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide