Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > IOS and destination NAT

Reply
Thread Tools

IOS and destination NAT

 
 
Klaus Zerwes
Guest
Posts: n/a
 
      09-15-2006
Hello.

Here is a brief description of my problem:

I am trying to do destination-NAT using a cisco-router running IOS
12.2(15)T2

Interfaces:
Interface FastEthernet0/1: public IP / ip nat outside

Interface FastEthernet0/0.1-0.X: public IPs / no nat

Interface Tunnel0: private IP - connection to private ip-networks / ip
nat inside

At the moment the device is using NAT (SNAT) for the private IP-networks:
ip nat inside source list NATList interface FastEthernet0/1 overload
ip access-list extended NATList
permit ip 10.0.0.0 0.0.0.255 any

permit ip 10.0.1.0 0.0.0.255 any

permit ip 192.168.2.0 0.0.0.255 any

permit ip 192.168.5.0 0.0.0.255 any

permit ip 172.8.0.0 0.0.0.255 any

...
!

In addition I like to configuer now a Destination-NAT
for some IPs connected at the moment via Fa0/0.Y to be forwarded
somewhere into the private IP-Space, lets say:
all traffic targeting public.ip.dnat.1 has to be forwarded to
192.168.2.11 and all traffic originating from 192.168.2.11 has to be
NATed to public.ip.dnat.1.


I tried a lot - but gave me no usable results (for my understanding I
need something like 'ip nat outside destination static ....' but ... you
know thats not there
I can do something like portforwarding - but no complete redirection

Maybe someone of you can help me untie the gordian knot in the head of a
poor autodidact.

Thank you
Best regards
Klaus
 
Reply With Quote
 
 
 
 
bthetford
Guest
Posts: n/a
 
      09-15-2006
Let me guess...
DNS resolves to the external IP for something like a web or email
server, but you need the NATed IP to be accessible to internal clients?

If so, I've already asked the question at
http://groups.google.com/group/comp....c59fe49f4b95b1

Perhaps someone can help us out of this bind (no pun intended, if
you've read that other thread).

 
Reply With Quote
 
 
 
 
Klaus Zerwes
Guest
Posts: n/a
 
      09-20-2006
bthetford wrote:
> Let me guess...
> DNS resolves to the external IP for something like a web or email
> server, but you need the NATed IP to be accessible to internal clients?


Nope
I did not wrote about DNS.
I simply have problems setting up a DNAT.

I tried something like:
ip nat inside source static 192.168.2.11 public.ip.dnat.1
ip nat outside source static public.ip.dnat.1 192.168.2.11
and other curios stuff



> If so, I've already asked the question at
> http://groups.google.com/group/comp....c59fe49f4b95b1
>
> Perhaps someone can help us out of this bind (no pun intended, if
> you've read that other thread).
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ios : Source and destination nat on a single interface Laurent Cisco 2 06-24-2011 06:06 AM
Destination Address Translation with IOS NAT and IPSec (Help Please!) :) Xunzi Cisco 0 04-10-2009 09:38 PM
instructions on how to perform an IOS upgrade on a Catalyst 6500 switch (IOS to IOS) Mike Rahl Cisco 1 05-30-2007 05:22 PM
IOS NAT (PAT) - dynamicstatic nat subnet mask spec Cisco 2 05-25-2006 06:11 PM
Destination not reachable until destination pings source! PIX501 Dave Cisco 0 02-27-2004 06:15 PM



Advertisments