05-23-2021 03:31 AM
i have static IP NAT inside statement with route-ma( Route-map is working with extended ACL)
NATing is working without any problem
ip nat inside source static 192.168.1.10 x.x.x.x route-map TEST
for some reason.. i want to reverse the NATing statement from inside to outside.
However.. i tried to change the statement from Inside to outside and didnt work
need a help to do static NAT outside with route-map.??
05-23-2021 05:36 AM
However.. i tried to change the statement from Inside to outside and didnt work
explain more - inside to outside nat cover global NAT configuration right ? or you looking PBR with different Route ?
05-23-2021 08:18 AM
Hello
fady.nagy@orange.com wrote:
i have static IP NAT inside statement with route-ma( Route-map is working with extended ACL)
NATing is working without any problemi want to reverse the NATing statement from inside to outside.
What exaclty do you want to reverse, can you please elaborate
05-26-2021 06:03 AM
explain the problem ! interface GigabitEthernet0/1/2 description --- LAN ip nat inside ! interface GigabitEthernet0/0/1.406 description --- WAN ip nat outside ! ip nat inside source static 192.168.1.10 x.x.x.x route-map TEST ! ip route x.x.x.x 255.255.255.255 GigabitEthernet0/1/2 10.20.20.1 ! the route-map contains ACL to block IPs and only allows x.x.x.x. Targeted: ! interface GigabitEthernet0/1/2 description --- LAN ip nat outside ! interface GigabitEthernet0/0/1.406 description --- WAN ip nat inside ! ip nat outside source static 192.168.1.10 x.x.x.x route-map TEST <<<<<<<<<<<<<<<< ! ip route x.x.x.x 255.255.255.255 GigabitEthernet0/1/2 10.20.20.1 ! However: ip nat outside source static 192.168.1.10 x.x.x.x route-map TEST is not valid syntax Conf t ! ip nat outside source static 192.168.1.10 x.x.x.x ? add-route Add a static route for outside local address extendable Extend this translation when used no-alias Do not create an alias for the local address no-payload No translation of embedded address/port in the payload redundancy NAT redundancy operation ------ Conf t ! ip nat outside source static ? A.B.C.D Outside global IP address network Subnet translation tcp Transmission Control Protocol udp User Datagram Protocol
05-26-2021 02:15 PM - edited 05-26-2021 02:16 PM
Hello
Your outside source ip address isn't applicable, it needs to be a public or outside ip address not a internal ip address,
examples:
access-list 1 permit host 1.1.1.1
route-map NAT
match ip address 1
ip nat pool INPOOL 192.1681.11 192.168.1.11 prefix-length
ip nat outside source route-map NAT pool INPOOL
or
ip nat outside source static 1.1.1.1 192.168.1.11
or
ip nat outside source list 1 pool INPOOL
05-27-2021 02:22 AM
Thanks Paul..
During my search I found something but not sure if it will work or not.
!
Ip nat inside source static x.x.x.x 192.168.1.10 route-map Test reversible
!
05-27-2021 02:51 AM
Do you have different Route Route inside ? why you like to have Route-map
route-map TEST
this should work for you : if you looking static NAT.
ip nat outside source static 192.168.1.10 x.x.x.x
05-27-2021 03:24 AM
Actually I have different NAT statements with different routes.
That why I am using the route-maps.
05-27-2021 03:43 AM
I may have missed some information here, what is this device ? can you post show version ?
05-27-2021 03:48 AM
The device is asr1001x with ios release 16.12.05
05-27-2021 04:07 AM - edited 05-27-2021 04:09 AM
Thanks for the information
Ip nat inside source static x.x.x.x 192.168.1.10 route-map Test reversible
as per the output after IP you do not see route-map option that is the reason i have asked what code running here.
what is the outcome @paul driver suggested method ? is this not workable for you. Let me review IOS XE command reference anything changed to do suggest best.
mean time you can check this example :
05-28-2021 10:28 AM
i am wandering the
reversible
option well help and solve the issue.
05-28-2021 01:14 PM
Glas to know all working, so we mark as resolvable now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide