Static + Dynamic NAT with 801 Router

  1. Dan Green

    Dan Green Guest

    Hi All,

    I have the following config on an 801:

    interface Dialer 0
    ip nat outside
    ip address A.B.C.88

    interface Ethernet 0
    ip nat inside
    ip address

    ip nat inside source list 50 Dialer 0 overload
    ip nat inside source static tcp 25 D.E.F.150 25
    ! D.E.F is different to A.B.C above, we have 2 public IP ranges

    access-list 50 deny host
    access-list 50 permit

    According to Cisco documentation, the deny line is needed for static
    NAT, however, it means that the server can't get out at all because
    I'm only translating port 25.

    Ideally, I would like all traffic originating from the email server
    addressed to port 25 somewhere (ie, sending SMTP traffic outside) to
    appear to come from D.E.F.150, but all other traffic from that server
    to appear to come from the Dialer0 address.

    If I remove the deny line, the server can send outgoing SMTP mail, but
    it appears to come from the Dialer0 address (as expected), but I
    anticipate problems with this from external servers who do a DNS

    Hope that all made sense, and I look forward to hearing from you as to
    how to configure the intended set-up (if possible).

    Dan Green, Nov 10, 2003
  2. Dan Green

    Tim Thorne Guest

    You'll need two instances of dynamic NAT to make it work. I'm
    presuming that you intend your email server to send and receive
    traffic on the same IP.
    Tim Thorne, Nov 10, 2003
  3. Dan Green

    Dan Green Guest

    Thanks a heap Tim, that works beatifully :)

    Dan Green, Nov 11, 2003
