Port NAT to 2 internals server from different ip source

fabienbrizi · ‎07-25-2008

Can you help me to configure a 877 to allow internet clients to connect to 2 internal servers by the ip source.

Details:

I would like to use 2 differents internal web server.

One web server for a country where I know the public ip range.

Another web server for all other countries.

Is it possible ?

Thank you for your help

Marwan ALshawi · ‎07-28-2008

intresting question

make two ACLs

lets say the know pub IPs

192.168.1.0/24

and server1 ip 1.1.1.1

and server2 2.2.2.2

and your outside ip address is 10.10.10.10

access-list 101 permit ip 192.168.1.0 0.0.0.255 host 10.10.10.10

access-list 102 deny ip 192.168.1.0 0.0.0.255 host 10.10.10.10

access-list 102 permit ip any host 10.10.10.10

route-map server1 permit 10

match ip address 101

set ip next-hop 1.1.1.1

route-map server2 permit 10

match ip address 102

set ip next-hop 2.2.2.2

ip nat inside source static 1.1.1.1 10.10.10.10 route-map server1

ip nat inside source static 2.2.2.2 10.10.10.10 route-map server2

and apply ip nat inside o the inside interface

and ip nat ouside on the outisde interface

after apply these config reload the router then test

if it didnt work try to remove the next-hop statment from both route maps then also reload and try

good luck

rate if helpful

fabienbrizi · ‎07-30-2008

Thank you for this help.

I have to try now and I will give results after.