From: Andrew Shin (mr.dude@gmail.com)
Date: Mon Mar 09 2009 - 12:52:11 ARST
I have a server on the inside interface with an IP address of 9.9.9.9.
I would like to access this server from the outside interface from devices
having IP addresses in the range 5.0.0.0/24.
However, I would like two NATs to occur. First, I would like the
5.0.0.0/24devices to know the 9.9.9.9 port 80 server as 2.2.2.2 port
8080.
Second, I would like the 9.9.9.9 server to know the 5.0.0.0/24 range as one
IP address (16.16.16.1/32) which I'm hoping would get PATted.
I've got it working with just one IP address from the 5.0.0.0/24 range, but
as soon as I try a second device from the same range it can't access it
because there's
only one IP in the pool to use. Is there a way for me to do this PAT on the
outside interface? Do I need to switch the inside and outside interfaces so
that I can get PAT for the 5.0.0.0/24 devices...or am I looking at this
incorrectly?
Thanks in advance for any assistance!
interface F0/0
ip nat inside
!
interface serial0/0
ip nat outside
ip address 2.2.2.2 255.255.255.252
!
ip nat pool nat-pool 16.16.16.1 16.16.16.1 netmask 255.255.255.252 <<<only
allowed to use this one IP
ip route 16.16.16.1 255.255.255.255 serial0/0 <<<needed this static route
else the packet was dropped
!
ip nat inside source static tcp 9.9.9.9 80 2.2.2.2 8080 route-map
insideserver extendable
!
ip nat outside source list server pool nat-pool
!
route-map insideserver
match ip address insideserver
!
ip access ext insideserver
permit 5.0.0.0 0.0.0.255 host 2.2.2.2
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:04 ART