[c-nsp] PAT based on source IP?

Tim Devries tdevries at northrock.bm
Tue May 17 15:32:18 EDT 2005


Hi,

Using the CSS you can define what's termed a 'source group' using the group
command in config mode.  This will nat outbound traffic for a single server
(service) or a group of services/servers.

You can add the services you want to nat into this source group in order to
nat the source address of the server(s) for outbound traffic.  The VIP
address is also configured from within the group configuration.


http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_command_refer
ence_chapter09186a00800e4515.html

Thanks,

Tim

-----Original Message-----
From: Dave Temkin [mailto:dave at ordinaryworld.com] 
Sent: Tuesday, May 17, 2005 4:19 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] PAT based on source IP?

Does anyone know if it's possible without using some sort of load-balancer 
device (CSS, Foundry, etc.) to perform PAT based on source IP?

Ie, if traffic is coming from 1.1.1.1 destined to port 9800 I want to change

the destination to 2.2.2.2 on port 9500.

This needs to be scalable (ie, I can define 50 of these, not just 1). 



I can do basic PAT to change the destination port, but that doesn't help me 
here as I need different destination ports depending on the source for a 
financial application.

Thanks,
-Dave
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list