Solved: Policy NAT question

Colin Higgins · ‎07-26-2012

When implementing a policy NAT, is it possible to NAT a source address to an address that is not within the networks included on the router interfaces?

In other words, say I have a router with the following setup

interface g0/0: 63.100.100.2 255.255.255.252

ip nat outside

interface g0/1: 172.25.2.2 255.255.255.0

ip nat inside

I want to NAT a host coming in on g0/1 to 192.168.20.10 and send it through g0/0 to an upstream host at 63.100.100.1

so ...

ip nat inside source static 172.25.2.100 192.168.20.10 route-map test1

access-list 101 permit ip 172.25.2.100 10.10.10.0 0.0.0.255

route-map test1 permit 10

match ip address 101

set ip next-hop 63.100.100.1

and

interface g0/1

ip policy route-map test1

will this work? Do I need to add a loopback interface on network 192.168.20.0 ?

John Blakley · ‎07-26-2012

You don't have to "own" the ip address that you're natting to meaning that it doesn't need to reside on the router. The other end will need to have a route back to the address that you're natting to though.

HTH,

John

HTH, John *** Please rate all useful posts ***

View solution in original post

John Blakley · ‎07-26-2012

You don't have to "own" the ip address that you're natting to meaning that it doesn't need to reside on the router. The other end will need to have a route back to the address that you're natting to though.

HTH,

John

HTH, John *** Please rate all useful posts ***