IOS and destination NAT

Discussion in 'Cisco' started by Klaus Zerwes, Sep 15, 2006.

  1. Klaus Zerwes

    Klaus Zerwes Guest

    Hello.

    Here is a brief description of my problem:

    I am trying to do destination-NAT using a cisco-router running IOS
    12.2(15)T2

    Interfaces:
    Interface FastEthernet0/1: public IP / ip nat outside

    Interface FastEthernet0/0.1-0.X: public IPs / no nat

    Interface Tunnel0: private IP - connection to private ip-networks / ip
    nat inside

    At the moment the device is using NAT (SNAT) for the private IP-networks:
    ip nat inside source list NATList interface FastEthernet0/1 overload
    ip access-list extended NATList
    permit ip 10.0.0.0 0.0.0.255 any

    permit ip 10.0.1.0 0.0.0.255 any

    permit ip 192.168.2.0 0.0.0.255 any

    permit ip 192.168.5.0 0.0.0.255 any

    permit ip 172.8.0.0 0.0.0.255 any

    ...
    !

    In addition I like to configuer now a Destination-NAT
    for some IPs connected at the moment via Fa0/0.Y to be forwarded
    somewhere into the private IP-Space, lets say:
    all traffic targeting public.ip.dnat.1 has to be forwarded to
    192.168.2.11 and all traffic originating from 192.168.2.11 has to be
    NATed to public.ip.dnat.1.


    I tried a lot - but gave me no usable results (for my understanding I
    need something like 'ip nat outside destination static ....' but ... you
    know thats not there ;-)
    I can do something like portforwarding - but no complete redirection

    Maybe someone of you can help me untie the gordian knot in the head of a
    poor autodidact.

    Thank you
    Best regards
    Klaus
    Klaus Zerwes, Sep 15, 2006
    #1
    1. Advertising

  2. Klaus Zerwes

    bthetford Guest

    bthetford, Sep 15, 2006
    #2
    1. Advertising

  3. Klaus Zerwes

    Klaus Zerwes Guest

    bthetford wrote:
    > Let me guess...
    > DNS resolves to the external IP for something like a web or email
    > server, but you need the NATed IP to be accessible to internal clients?


    Nope ;-)
    I did not wrote about DNS.
    I simply have problems setting up a DNAT.

    I tried something like:
    ip nat inside source static 192.168.2.11 public.ip.dnat.1
    ip nat outside source static public.ip.dnat.1 192.168.2.11
    and other curios stuff



    > If so, I've already asked the question at
    > http://groups.google.com/group/comp...2036b5bdd30/5ac59fe49f4b95b1#5ac59fe49f4b95b1
    >
    > Perhaps someone can help us out of this bind (no pun intended, if
    > you've read that other thread).
    >
    Klaus Zerwes, Sep 20, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dave
    Replies:
    0
    Views:
    1,546
  2. Replies:
    1
    Views:
    8,618
    Phillip Remaker
    May 11, 2005
  3. 1388-2/HB

    Source and destination NAT

    1388-2/HB, Jun 26, 2007, in forum: Cisco
    Replies:
    4
    Views:
    996
    usenet
    Jul 4, 2007
  4. Xunzi
    Replies:
    0
    Views:
    948
    Xunzi
    Apr 10, 2009
  5. Laurent
    Replies:
    2
    Views:
    2,174
    vishal31369
    Jun 24, 2011
Loading...

Share This Page