- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 06:23 AM
So here is the story... I have a 2801 that is the VPN endpoint for our Avaya phones using their built in VPN client. Working fine. However I am going to have to change the IP of our Avaya phone server so I would like to predeploy replacement avaya phones with the new phone server IP setup.
I need to get the traffic coming over the VPN tunnel from phones that will be trying to go to the new IP of 10.2.140.10 to actually go the current IP of 10.200.96.253. And traffic coming over the VPN tunnel to the current IP of 10.200.96.253 needs to be left alone. I have been trying to figure out some kind of destination NAT with no luck. Tried a static NAT and that breaks things since it translates all of the traffic.
Anyone have any wizardry for this?
Thx.
Solved! Go to Solution.
- Labels:
-
Other Routing
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 11:16 AM
It looked like below... The stmt took care of traffic in both directions and did not interfere with prod.
ip nat inside source static 10.200.96.253 10.2.140.10 route-map newphone
Thx for the clue about using route map.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 06:49 AM
The static NAT breaks it because it translates the IPs even when you don't want that to happen ?
Are the phones using the new IP distinguishable from the ones using the old IP ie. you may be able to use a route map and acls with your NAT to specify exactly which IPs should be translated etc.
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 06:52 AM
HI..
The only difference with the new phones would be the target IP of the traffic. Else nothing else is different.
Hmmm...Route map. Had not thought of that and haven't done one in many years. Will start digging!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 07:04 AM
Hello
Would you be able to post simple topology of this flow to show to get a better understanding of what you are trying to achieve?
Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.
Kind Regards
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 07:26 AM
I need VPN traffic that is trying to go to 10.2.140.10 to actually go to 10.200.96.253. And, for now, any traffic going already going to/from 10.200.96.253 left alone. A kind of destination based nat.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2019 11:16 AM
It looked like below... The stmt took care of traffic in both directions and did not interfere with prod.
ip nat inside source static 10.200.96.253 10.2.140.10 route-map newphone
Thx for the clue about using route map.