NAT from several hosts to a single host

[scrimmy]

Hi all,

Is it possible to configure NAT to target one single host IP address from several hosts

193 subnet is outside and 172 subnet is inside
When I enter
ip nat inside source static 172.31.107.125 193.39.97.28
ip nat inside source static 172.31.107.125 193.39.97.27
and get this reply
% 172.31.107.125 already mapped (172.31.107.125 -> 193.39.100.28)

I have several 193 hosts that need NATing to a single 172 IP address

TIA

 

[ChrisAC]

An inside host can only do a static NAT to a single outside global IP.

Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[ChrisAC]

What is it that you are trying to acheive? If you give us more details we might be able to help.

Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[marsd]

You will need to use overloading:
sample config
access-list 3 permit 193.39.97.first 0.0.0.last - first
ip nat pool IONE 172.31.107.125 netmask netmask
ip nat inside source list 3 pool IONE overload

 

[scrimmy]

Chris,

I am planning to replace several servers with one new server and was hoping to use NAT to handle the transition. IP addresses of the old servers are 193.39.97.27, 193.39.97.28, 193.39.98.27 and 193.39.98.28.
The new server is 172.31.107.125

TIA

 

[ChrisAC]

Well, if you are replacing several different servers that had different global IP's with a singe server that is going to handle all those services then I would map one global IP to the internal address (172.31.107.125)and then change DNS to reflect the single global IP for all services.

Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[scrimmy]

DNS would be ideal but we do not use DNS

 

[ChrisAC]

So what services do these servers provide. No web, mail, ftp etc.. then?

Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[scrimmy]

The old servers are DG/UNIX boxes and user access is only through telnet. These servers are being replaced with a HP/UNIX box and again user access is only through telnet.

 

[ChrisAC]

Just give them the new IP address then. **********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[scrimmy]

I would do but we have 500 users per box and to reconfigure thier telnet sessions simultaneosly is not possible.

 

[ChrisAC]

Ah well, that's why you should have used DNS and not IP addresses. If their telnet sessions were configured to use servername.domain.com then you could have just changed DNS to reflect the change and then everything would work just fine as they would resolve to the new address without having to change anything on the clients.

Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[scrimmy]

Hindsight is a very useful tool as is a crystal ball. But neither helps me out this predicament at the moment. The only option I can see is to setup more IP address on the new server and then NAT from one address to one address.

TIA

 

[marsd]

You're stuck with cisco here IMO.
With iptables this is trivial to fix, a simple
DNAT rulechain and you're back in business.

Good Luck