[c-nsp] ip nat outside source and global port redirection
Tuc at T-B-O-H.NET
ml at t-b-o-h.net
Wed Feb 27 09:03:19 EST 2008
Hi,
I have a network with 1 input side, 2 output sides, NAT all
around. If things go out the "A" output side, everything should run
normally. However, if things go out the "B" output side, I need to :
1) Forward 0.0.0.0/0 port 80 to "B" port 87
2) Forward 0.0.0.0/0 port 53 to internal IP 192.168.3.15 port 53,
ONLY if 192.168.3.15 is up.
#1 is my first priority, since I think #2 is going to be
a bit tricker than I care to deal with.
I see "ip nat outside source" with a PORT STATIC of :
ip nat outside source {static tcp | udp global-ip global-port local-ip local-port} [add-route] [extendable] [no-alias] [no-payload]
That wouldn't work unless I put every potential IP into the "global-ip" field.
There is also NETWORK STATIC with :
ip nat outside source {static network global-network local-network mask} [add-route] [extendable] [no-alias] [no-payload]
but that doesn't do anything with ports.
I looked at "ip policy route-map" on the interface, but that too doesn't do anything for ports.
Any pointers?
Thanks, Tuc
More information about the cisco-nsp
mailing list