[c-nsp] UDP NAT

Vincent De Keyzer vincent at dekeyzer.net
Fri May 5 11:31:47 EDT 2006


Hello,

once again, I am confused with the Cisco syntax for NAT.

I have two NAT UDP rules, one for NTP and one for syslog:

ip nat inside source static udp X.Y.244.214 123 10.106.246.49 123 extendable
ip nat inside source static udp X.Y.244.214 514 10.106.246.49 514 extendable

So the NAT gateway has address 10.106.246.49 (outside interface), and the
NTP/syslog server has address X.Y.244.214 on the inside.

The NTP translation works, the syslog one does not. When debugging ('ip udp'
and 'ip nat detailed'), I see:

May  5 17:19:06.740 CET: NAT: o: udp (10.106.248.66, 123) -> (10.106.246.49, 123) [0]
May  5 17:19:06.740 CET: NAT: s=10.206.248.66, d=10.106.246.49->X.Y.244.214 [0]

for NTP, and:

May  5 17:19:04.880 CET: NAT: no global port for 10.106.246.49
May  5 17:19:04.880 CET: UDP: rcvd src=10.106.248.68(52291), dst=10.106.246.49(514), length=109

for syslog.

The difference I see is that the source and destination ports are the same for
NTP, but not for syslog.

Now, how do I translate this into a working IOS config?...

Vincent


