Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
824
Views
0
Helpful
1
Replies

UDP NAT - Re-use of IP address

andymwalker
Level 1
Level 1

‎02-24-2011 09:18 AM - edited ‎03-04-2019 11:33 AM

I'm attempting to set up a Cisco 1921 router running IOS15, and am having trouble with

the NAT - it might be that what I am attempting is not possible. If someone can guide me to the right topic, or the area to investigate that would be great.

The only traffic going across the router is UDP, and the outside of the network canot be changed.

I have two servers on the LAN side

192.168.200.1/24

192.168.200.2/24

and the default gateway on the outside is

10.168.41.56/24

The Router is set up with Inside 192.168.200.254/24 and Outside 10.168.41.50/24

The data transmission is UDP only:

From inside to outside

From 192.168.200.1:20000 to 10.1.6.x:65535 must look like from 10.168.41.49:65533 to 10.1.6.x:65535

From 192.168.200.2:20000 to 10.1.6.x:65535 must look like from 10.168.41.49:65533 to 10.1.6.x:65535

From outside to inside

From 10.1.6.x:65535 to 10.168.41.49:65533 must arrive at both servers looking like from 10.1.6.x:65535 to 192.168.200.1:30000 and 10.1.6.x:65535 to 192.168.200.2:30000

From 10.1.1.x:8601 to 10.168.41.49:8601 must arrive at both servers looking like from 10.1.1.x:8601 to 192.168.200.1:8601 and 10.1.1.x:8601 to 192.168.200.2:8601

My problem is the inside to outside data needs to look like it came from the same IP address and Port Number. As its 1-way data, conceptually there are no problems with this, but I don't seem to be able to implement it as all the static NAT seems to be bidirectional. I cannot type all the rules in as if they are all bidirectional then there are conflicts. Is there an alternative way of doing this?

The outside to inside data can be sent to a LAN broadcast address, and this works fine.

There is NO other traffic across this router

Thanks for your help,

Andy

Labels:
0 Helpful
1 Reply 1

lgijssel
Level 9
Level 9

‎02-24-2011 01:02 PM

What you want to achieve is not possible.

Static outbound nat must always use at least a different port number per inside source.

Inbound nat (ipv4) can only forward to one host/destination, not to several.

You could do something like this with an anycast address in ipv6.

regards,

Leo

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card