NAT internal address based on external address

k0rrupt10n
Level 1

Hi,

I have a 2901 router with a few IPsecs. I have two servers (172.31.1.1 and 172.31.2.1). All customers use these server IPs. One customer cannot, however, so if from 172.15.0.1 or 172.15.0.2, and destination 192.168.1.1 or destination 192.168.1.2, then redirect to 172.31.1.1 or 172.31.2.1. All other traffic to remain unaltered.

2 Replies

Hello,

some sort of policy routing could accomplish this, maybe...

You have to match source and destination in an access list, and then set the next hop. It would look like this:

access-list 101 permit ip host 172.15.0.1 host 192.168.1.1
access-list 102 permit ip host 172.15.0.2 host 192.168.1.2

route-map REDIRECT permit 10
 match ip address 101
 set ip next-hop 172.31.1.1

route-map REDIRECT permit 20
 match ip address 102
 set ip next-hop 172.31.2.1

k0rrupt10n
Level 1

Hi,

I should reword this:

if from 172.15.0.1 or 172.15.0.2, and destination 192.168.1.1 or destination 192.168.1.2, then NAT 192.168.1.1 or 192.168.1.2 to 172.31.1.1 or 172.31.2.1, and NAT outbound in the reverse.

so:

inbound from 172.15 NAT the 192.168 address to 172.31

outbound to 172.15 NAT the 172.31 address to 192.168

Do not NAT 172.31 traffic for other destinations.
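
The rule in the reworded question, modelled in Python as an added example (not part of the original thread, and not router configuration), so the intended behaviour can be checked before it is turned into device config. It assumes 192.168.1.1 pairs with 172.31.1.1 and 192.168.1.2 with 172.31.2.1; the function names and sample flows are constructed for illustration.

```python
from ipaddress import ip_address

# Assumed pairing (alias the customer dials -> real server), in the post's order.
ALIAS_TO_REAL = {
    ip_address("192.168.1.1"): ip_address("172.31.1.1"),
    ip_address("192.168.1.2"): ip_address("172.31.2.1"),
}
REAL_TO_ALIAS = {real: alias for alias, real in ALIAS_TO_REAL.items()}
# Translation applies only to traffic exchanged with these customer hosts.
CUSTOMER_HOSTS = {ip_address("172.15.0.1"), ip_address("172.15.0.2")}


def translate(src, dst, direction):
    """Return (src, dst) after the policy NAT; non-matching packets are unchanged."""
    # direction: "inbound" (customer to servers) or "outbound" (servers to customer)
    src, dst = ip_address(src), ip_address(dst)
    if direction == "inbound":
        # Rewrite the destination only for the one customer's sources.
        if src in CUSTOMER_HOSTS and dst in ALIAS_TO_REAL:
            dst = ALIAS_TO_REAL[dst]
    elif direction == "outbound":
        # Reverse: rewrite the source only when the packet goes to that customer.
        if dst in CUSTOMER_HOSTS and src in REAL_TO_ALIAS:
            src = REAL_TO_ALIAS[src]
    else:
        raise ValueError(f"unknown direction: {direction!r}")
    return str(src), str(dst)


def audit(flows):
    """Translate each flow and report (before, after, was_rewritten)."""
    report = []
    for src, dst, direction in flows:
        after = translate(src, dst, direction)
        report.append(((src, dst), after, after != (src, dst)))
    return report


# Constructed sample flows; 10.20.30.40 stands in for any other customer.
SAMPLE_FLOWS = [
    ("172.15.0.1", "192.168.1.1", "inbound"),
    ("172.15.0.2", "192.168.1.2", "inbound"),
    ("172.31.1.1", "172.15.0.1", "outbound"),
    ("172.31.1.1", "10.20.30.40", "outbound"),
    ("10.20.30.40", "172.31.2.1", "inbound"),
]

if __name__ == "__main__":
    for before, after, changed in audit(SAMPLE_FLOWS):
        print(before, "->", after, "NAT" if changed else "unchanged")
```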
