08-08-2013 12:09 AM - edited 03-07-2019 02:49 PM
Hello !
Not shure - but I think it must be very simple ...
I like to redirect requests to port 993 from IP1 to IP2. Both IP Adresses are public and in the same network. From a getway network they are routet - so I think at this point it mus be possible to redirect the request vom IP1 > IP2.
NAT is in use allready with inside/outside; see example:
interface GigabitEthernet0/0
description WAN < gateway
ip address xxx.xxx.xxx.xxx 255.255.255.248
ip nat outside
(...)
interface Vlan70
description Management-LAN
ip address 192.168.99.1 255.255.255.0
ip nat inside
(...)
interface Vlan1
description VLAN1 < public IP1 and IP2
ip address yyy.yyy.yyy.yyy 255.255.255.128
(...)
ip nat inside source route-map NONAT interface GigabitEthernet0/0 overload
(...)
Happy about imput - thanks !
08-08-2013 12:50 AM
You can redirect with static nat.
For example:
IP 1 = 11.11.11.11
IP 2 = 192.168.11.11
Dest port = 443
device(config)# ip nat inside source static tcp 192.168.11.11 11.11.11.11 443
Kind Regards,
Kevin
**Please remember to rate helpful posts as well as mark the question as 'answered' once your issue is resolved. This will help others to find your solution faster.
08-08-2013 01:09 AM
Thanks,
when I drop it with my IP Adresses I get this:
For example:
IP 1 = 55.101.101.101
IP 2 = 55.101.101.102
Dest port = 993
(...)
device(config)# ip nat inside source static tcp 55.101.101.101 55.101.101.102 993
^
% Invalid input detected at '^' marker.
(...)
My IOS is 15.2(4)M1 on a 1900 system.
08-08-2013 01:14 AM
Hmmm.. well I did type a syntax error in my original reply in that there should be port identification after each ip address:
device(config)# ip nat inside source static tcp
I'm not sure of any caveats regarding static nat syntax with that IOS.. let me see if I have access to a device running close to this code and I'll verify.
Kind Regards,
Kevin
**Please remember to rate helpful posts as well as mark the question as 'answered' once your issue is resolved. This will help others to find your solution faster.
08-08-2013 01:24 AM
Hm ...
- no "ip nat inside" on Vlan1 Interface ?
- what about inside < - > outside direction ?
When I drop this I get in my log (with exmaple IP as above):
Aug 8 08:20:30.752: %IP-4-DUPADDR: Duplicate address 55.101.101.102 on Vlan1, sourced by 000c.
08-08-2013 02:47 PM
So you are trying to NAT an outside IP to another outside IP, 55.101.101.101 is not the inside IP. Why are you doing it like this why don't you just update the nat for 55.101.101.101 instead, sounds like you are making it a lot more complicated than it should be.
08-08-2013 10:57 PM
Hi Mohammad Ali !
> So you are trying to NAT an outside IP to another outside IP
No.
> 55.101.101.101 is not the inside IP.
Outside is GigabitEthernet0/0 (transfer network) - the others are inside. Both, 55.101.101.101 and 55.101.101.102 are in VLAN1 - routet (example) public IP Adresses ...
> sounds like you are making it a lot more complicated than it should be.
Sorry, but I just want to redirect the request to IP1 on port 993 to IP2 on port 993. It may be complicated - that's why I'm asking the powerfull cisco brains here ...
See my drawing:
08-09-2013 09:09 AM
Hum, and you said you already tried this and you get duplicate IP address error?
ip nat inside source static tcp 55.101.101.101 993 55.101.101.102 993 extendable
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide