Hi all, can the following be accomplished:
have a static nat translation of the form
ip nat inside source static 10.x.x.x 30.x.x.x
but only 1 host is allowed to use this translation when coming in from the outside?
ie when 64.x.x.x attempts to reach 30.x.x.x they destination is translated to 10.x.x.x.
For any other outside host the translation does not take place?
Clearly you can fairly easily block all such incoming traffic with an ACL on the outide interface.
That would be the simple answer if it met your requirements.
On the outside interface you have an acl that includes:-
permit ip host 64.x.x.x host 30.x.x.x deny ip any host 30.x.x.x
If on the other hand you need to accept this traffic for some other purpose than something more complex may be needed.
Let us know.
Hi unfortunately all traffic needs to be passed on the interface. I only wish for the nat translation to occur for 1 outside host when contacting 1 inside host.
I was thinking possibly a dynamic nat pool with just 1 address in it and an access list that only allows the 2 hosts in question
snipped-for-privacy@hotmail.com wrote:
You may want to look into
ip nat OUTSIDE source static......
-ja
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.