Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1181
Views
0
Helpful
4
Replies

NAT: 3-to-1 outbound, 1-to-1 inbound

DAVID NOONAN
Level 1
Level 1

‎07-07-2011 09:14 AM - edited ‎03-04-2019 12:54 PM

NAT question on 2801 with IOS 12.3:

I need three internal addresses to NAT to one external IP for outbound traffic but for inbound traffic I'd like that same external IP to map to one of the internal IPs.

Example:

Outbound - Internal 10.10.10.10, .11, .12 all NAT to 172.16.16.16

Inbound - 172.16.16.16 NATs to 10.10.10.10

Why? The internal .10 is a cluster IP so I want inbound traffic to go it but outbound will come from the physical IPs of the server. I would think this would be a fairly common situation but my NAT experience is limited to 1-to-1 static NATs and interface overloads.

I don't believe there will ever be any outbound traffic from the .10 so eliminating that from the outbound would be fine.

Labels:
0 Helpful
4 Replies 4

andrew.prince
Level 10
Level 10

‎07-07-2011 10:36 AM

This is not fairly common, however you could try and use dynamic nat for the 3 internal hosts outbound, and a static inbound nat for the one host. Give it a try and let us know how you get on.

Sent from Cisco Technical Support iPad App

0 Helpful

paul driver
VIP
VIP

‎07-07-2011 02:54 PM

ip nat pool Cluster 10.10.10.10 10.10.10.12 prefix-length 24 type rotary

access-list 10 permit 172.16.16.16

ip nat inside destination list 10 pool Cluster

create dns entry for the inside global address of cluster server = 172.16.16.16

Dont forget to apply nat to the interfaces inside/outside.

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

DAVID NOONAN
Level 1
Level 1

‎07-12-2011 12:16 PM

I think this is my solution. I'm still awaiting confirmation that everything works.

! Outbound

access-list 10 permit 10.10.10.11

access-list 10 permit 10.10.10.12

access-list 10 permit 10.10.10.13

!

ip nat pool PUBLIC 240.1.1.1 240.1.1.1 prefix-length 30

ip nat inside source list 10 pool PUBLIC overload

!

! Inbound

ip nat inside source static 10.10.10.11 240.1.1.1

I noticed that the prefix-length would take 32 but would protest that it shouldn't be more than 30 bits.

0 Helpful

Marwan ALshawi
VIP Alumni
VIP Alumni

‎07-12-2011 03:15 PM

This won't work !

As suggested above for inbound direction to nat to

Multiple ips u need destination nat

Or u can use load balancing hardware best but this require cost and re design to the network

Try if your iOS support server loadbalancing slb this can help you to load balnce the traffic coming to a VIP address one ip to multiple servers and it will take care of the nating of it

Good luck

If helpful rate

Sent from Cisco Technical Support iPhone App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card