Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
926
Views
0
Helpful
4
Replies

Static NAT translations

khadiman.Othman_2
Level 1
Level 1

‎02-07-2011 11:01 PM - edited ‎03-04-2019 11:20 AM

Hi all,

Appreciate if anybody can help me on this. I am confused as what to do. It is supposely straight forward. Im trying to do a Static NAT for two printers residing on local LAN. Currently is like shown.

Printer IPs

printer 1 - 172.X.X.116 /24

printer 2 - 172.X.X.126 /24

print server - 158.X.X.241 /27

Currently only printer 1 is working using following configuration but really i would like both printers to be static nat to the print server 158.X.X.241 but im getting an error that 158.X.X.241 is already in use.

ip nat inside source static 172.X.X.116 158.X.X.241

__________________________________________________________________________

172.X.X.X (Printer 1,2) ----------- (Router 1) ----- (Router 2) ----- | ----- (Router 3) ----------- 158.X.X.241 (Printer server)

                              172.X.X.X                                     192.X.X.X              

Any configuration before Router 2 is beyond my control and i can configure on router 3. Any help is highly appreicated.

Labels:
0 Helpful
4 Replies 4

Varun Uniyal
Level 1
Level 1

‎02-08-2011 12:23 AM

You can't have two one-to-one static translations for the same IP (print server). You can however have port mappings as follows :

ip nat inside source static tcp 172.X.X.116 8000 158.X.X.241 8000

ip nat inside source static tcp 172.X.X.126 8001 158.X.X.241 8001

in the above example i have used rwo ports 8000 and 8001 for each printer respectively. You can choose any port as long as the Server 158.X.X.241

is listening on that port.

0 Helpful

khadiman.Othman_2
Level 1
Level 1
In response to Varun Uniyal

‎02-08-2011 04:50 PM

thanks varun. I am aware that this can be done but i was not sure whether these ports were open. Will give it a go. Thanks.

0 Helpful

Calin C.
Level 5
Level 5

‎02-08-2011 12:52 AM

Hello there,

First of all, you want to use static NAT, which means one-to-one, so you cannot have 2 IP addresses translated to only one IP address

Second, please describe what you want to achieve?

I can only assume, giving your IP addressing scheme, that you want outside users (in Internet for example) to be able to access your internal (LAN) printers.

For a better understanding, I really recommend reading:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml

I also assume, that you want to learn, no just a copy / paste solution without uderstanding what you're doing, so point 2 "Define what you're trying to accomplish with NAT" in the above mentioned document can be a good starting point.

Cheers,

Calin

0 Helpful

khadiman.Othman_2
Level 1
Level 1
In response to Calin C.

‎02-08-2011 04:44 PM

Calin,

Appreciate your input. I suppose i need to be more clear on my objective. Basicly i would like to point these two printers (172.X.X.X s) to 158.X.X.241 segment through NAT. I've read up and experimented with route-map. But i guess i fail to understand the theory behind it hence its been trial and error since. below is an example of the configurations that i wrote. in blue italic is what i tried to do.

interface Ethernet0/0
  ip address 192.X.X.126 255.255.255.240
ip nat inside
full-duplex
!
interface FastEthernet0/0
ip address 158.X.X.241 255.255.255.224
ip access-group 101 out
ip nat outside
speed 100
full-duplex
!
ip nat pool test 158.X.X.245 158.1X.X.254 netmask 255.255.255.240
ip nat pool printserver 158.161.251.241 158.161.251.241 netmask 255.255.255.240
ip nat inside source list 2 pool test overload
ip nat inside source route-map printer_map pool printserver
ip nat inside source static 172.30.195.116 158.161.251.241
!
access-list 1 deny   any
access-list 2 permit 192.168.50.0 0.0.0.15
access-list 2 permit 172.30.195.0 0.0.0.255
access-list 2 permit 172.30.197.0 0.0.0.255
access-list 3 remark SKS_Printers
access-list 3 permit 172.30.195.116
access-list 3 permit 172.30.195.236
access-list 101 deny   ip 224.0.0.0 31.255.255.255 any log
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any log
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any log
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any log
access-list 101 deny   ip 172.30.0.0 0.0.255.255 any log
access-list 101 permit ip 158.161.251.240 0.0.0.15 host 158.161.214.2
access-list 101 permit ip 158.161.251.240 0.0.0.15 host 158.161.214.3
access-list 101 permit ip 158.161.251.240 0.0.0.15 host 158.161.214.4
access-list 101 deny   ip any any log
access-list 102 permit ip host 172.30.195.116 host 158.161.182.241
access-list 102 permit ip host 172.30.195.236 host 158.161.182.241
access-list 110 deny   ip 224.0.0.0 31.255.255.255 any log
access-list 110 deny   ip 127.0.0.0 0.255.255.255 any log
access-list 110 deny   ip 10.0.0.0 0.255.255.255 any log
access-list 110 deny   ip 172.30.0.0 0.0.255.255 any log
access-list 110 deny   ip 172.16.0.0 0.15.255.255 any log
access-list 110 permit ip 158.161.251.240 0.0.0.15 host 158.161.214.2
!
route-map printer_map permit 10
match ip address 3
set ip next-hop 158.161.182.240
!

0 Helpful
Customers Also Viewed These Support Documents