Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Selective source-NAT from Internet to internal host

Reply
Thread Tools

Selective source-NAT from Internet to internal host

 
 
Mark
Guest
Posts: n/a
 
      08-05-2008

Hi,

(Apologies in advance if my terminology here isn't "Cisco-ised" - am
relatively new to IOS...)

I have a Cisco 1605R which has a single public (Internet facing) IP address.

I've configured IP NAT rules such that a connection from the Internet to
the router on 25/tcp is NAT'd to one private (internal) IP address (mail
server), and a connection to 22/tcp is NAT'd to a different private IP
address (SSH server). In other words, the destination address of the
connection is translated from the public address of the router to the
appropriate private address of the destination host - based upon the
destination TCP port.

At the moment, the source addresses of the Internet hosts initiating
these connections are not translated (i.e. no source-NAT occurs) - so my
mail relay and SSH server both see the original IP addresses of the
Internet hosts making these connections - however, I'd like to
selectively perform source-NAT on (just) one of these 2 TCP connections
- so connections to 25/tcp continues to pass through with the original
source address, however connections to 22/tcp have their source address
translated to a private address.

Is this possible? (Excerpt from my IOS config attached below)

Thanks,

Mark

Excerpt from my current configuration - IP addresses obfuscated:

ip nat pool my-address-pool 123.123.123.123 123.123.123.123 netmask
255.255.255.252
ip nat inside source list 1 pool my-address-pool overload

ip nat inside source static tcp 10.1.1.1 25 123.123.123.123 25 extendable
ip nat inside source static tcp 10.1.1.2 22 123.123.123.123 22 extendable

access-list 1 permit 10.1.1.0 0.0.0.255
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to refer a control in the host page from a user control if the host page using masterpage Jerry Qu ASP .Net 1 02-20-2009 07:41 PM
Dane Cook: Great S.N.L. host or GREATEST S.N.L. host? Jojo the 90lb hottie Digital Photography 1 02-14-2007 04:55 AM
Cisco PIX 501 - Port forwarded to an internal host via Static NAT doesn't work from internal host JoelSeph Cisco 9 01-23-2006 03:52 PM
PIX: how to allow 1 host from outside interface to access another host on the inside interface? jonnah Cisco 1 04-21-2004 02:26 PM
request.getHeader("Host") returns wrong host name Orpheus66 Java 0 07-30-2003 02:59 PM



Advertisments