Wireless Access

Reply
Regular Contributor I

NAT on controller.

Hi  to all, 

This is my requirement, I want to NAT traffic hitting the public-ip on port 8010 be NATed to PC IP 192.168.1.100 port 80. The return traffic should also be NATED. lets say the public-ip interface 20.0.0.1 is port 0/0/1 and private ip 192.168.1.1 port 0/0/2. 

How can i configure this?

1b.png

 

Re: NAT on controller.

for outgoing NAT, use ip nat-inside on the vlan interface that the 192.168.1.100 address lives in

 

for incoming port nat on the trunk port, create an access-list with the desired rule, something like the below.

 

* note * do your own testing on this, the below is untested

 

ip access-list session nat_thing
    any host 20.0.0.1 tcp 80 dst-nat 8010 ip 192.168.1.100 
    user any any permit
!

 

now go to the interface and apply the ACL

 

interface gigabitethernet 0/0/1
  ip access-group nat_thing session
!

CLI commands to verify the behavior:

show datapath session | include 20.0.0.1,192.168.1.100
show acl hits

hth.

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: