We have a customer coming in through our firewall whose source IP addresses we want to change. We have a number of NATs in place changing our internal addresses as they go outbound, but this will be the first inbound change we do.
The customer will hit our outside interface with a source IP address in the range of 172.18.31.0. We want them to show up on our network as 10.1.1.1 (so we want to do PAT, really).
Below is the configuration I was considering:
nat (outside) 2 172.18.31.0 255.255.255.0 0 0 global (inside) 2 10.1.1.1 netmask 255.255.255.255
route outside 172.18.31.0 255.255.255.0 1.2.3.4 1
1.2.3.4 is the customer router abutting our outside interface of 1.2.3.1I think this should work as detailed above, but my only concern is that if I turn on an outside -> inside NAT, does that break the normal Identity NAT process that normally would occur coming outside in? Or is there anything else conceivable that could get broken by this translation?
Thanks, Jason