RE: Source nat and destination nat on Same public ip

Hi Joe

on Cisco can we have only one public ip and two private ip say A and B.... I
want to do the destination nat on the public ip to one private ip A and at the
same time source nat for private IP B to the same public ip

> Date: Wed, 7 Mar 2012 17:31:57 -0500
> Subject: Re: Source nat and destination nat on Same public ip
> From: joeastorino1982_at_gmail.com
> To: faizankhurshid921_at_hotmail.com
> CC: ccielab_at_groupstudy.com
>
> Try configuring a simple static PAT translation for the inbound
> traffic and just use dynamic PAT to the outside public IP for
> everything else.
>
> ip nat inside source static tcp 172.16.16.12 25 interface gi0/1 25
> ip nat inside source list NAT interface fa0/1 overload
> !
> ip access-list extended NAT
> permit ip 172.16.16.0 0.0.0.255 any
> !
> int fa0/0
> ip nat inside
> !
> int fa0/1
> ip nat outside
>
>
> On Wed, Mar 7, 2012 at 4:29 PM, faizan khurshid
> <faizankhurshid921_at_hotmail.com> wrote:
> > Hi
> >
> > Actually I have one EMAIL Gateway having two IP's outbound
> > 172.16.16.12 and inbound 172.16.16.11 .User EMail traffic will go to
> > outside from 172.16.16.12 and Email inbound traffic come to
> > 172.16.16.11 .Below i try to help to understand the traffic flow
> > User send EmailSend Email---------->Email Gateway(
> > 172.16.16.12)-------->94.56.X.X............>Internet (Source natting)
> > User Receive an Email from Internet
> > User<----------Email Gateway(
> > 172.16.16.11)<--------94.56.X.X<..........Internet (Destination natting)
> >
> > 94.56.X.X will remain same both from Inside to Internet & from Internet
to
> > Inside
> >
> >
> >
> >
> >
> >
> >> From: faizankhurshid921_at_hotmail.com
> >> To: ccielab_at_groupstudy.com
> >> Subject: Source nat and destination nat on Same public ip
> >> Date: Wed, 7 Mar 2012 21:48:07 +0500
> >>
> >> Dear
> >>
> >> Below is my scenario
> >>
> >> .
> >>
> >>
> >> I have Mail Gateway : which is sending and receving an email on
> > different
> >> IP ....................IP 172.16.16.12 it sending email to outside
> >> world while 172.16.16.11 its receving from Internet.I only have one
> >> public IP 94.56.X.X .I did below config user can receive from outside
world
> >> while once user send an email i should receive on 94.56.X.X f but i m
> >> receving from Outside interface of router which is connected to
Internet
> >>
> >> My question can we do source nat and destination nat on Same public ip
> >> while we have different private IP's .Below is my config seems to be
> >> fine but its not working for outgoing traffic
> >>
> >> Once i remove ip nat inside source list DMZ interface fa0/1 overload
> >> internet stop working on my Mail Gateway
> >>
> >>
> >>
> >> ip nat pool POOL1 172.16.16.11 172.16.16.11 netmask 255.255.255.0 type
> >> rotaryip nat pool POOL2 94.56.X.X 94.56.X.X netmask 255.255.255.0ip nat
> > inside
> >> source list Outside pool POOL2ip nat inside destination list Inside pool
> >> POOL1!ip access-list extended Inside permit tcp any host 94.56.X.X eq
> > smtpip
> >> access-list extended Outside permit tcp host 172.16.16.12 eq smtp any eq
> > smtp
> >> !
> >> ip access-list extended DMZ
> >> permit ip 172.16.16.0 0.0.0.255 any
> >>
> >> ip nat inside source list DMZ interface fa0/1 overload
> >>
> >>
> >> interface FastEthernet0/0 ip address 172.16.16.1 255.255.255.0 ip nat
> > inside
> >> ip virtual-reassembly duplex auto speed auto!interface FastEthernet0/1
ip
> >> address 94.216.200.65 255.255.255.252 ip nat outside ip
virtual-reassembly
> >> duplex auto speed auto
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
>
>
>
> --
> Regards,
>
> Joe Astorino
> CCIE #24347
> http://astorinonetworks.com
>
> "He not busy being born is busy dying" - Dylan
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu Mar 08 2012 - 10:50:46 ART