Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
CPRQ
Collaborator

Detination NAT rules

Jump to solution

Couple of question about destination NAT. Is destination also have hide nat as we can do many source hide behind with one host or dynamic natted to few hosts (pool).
Is the following example will work?

Example #1:

O-Src: 10.0.0.0/8
O-Dst: 10.0.1.0/24
T-Src: 10.0.2.1/32
T-Dst: 192.168.1.0/24
Example #2:
O-Src: 10.0.0.0/8
O-Dst: 10.0.1.1-254 (range)
T-Src: 10.0.2.1/32
T-Dst: 192.168.1-254 (range)
Example #3:
O-Src: 10.0.0.0/8
O-Dst: 10.0.1.0/24
T-Src: 10.0.2.1/32
T-Dst: 192.168.1.1 (hide)

Example #4:
O-Src: 10.0.0.0/8
O-Dst: 10.0.1.0/24
T-Src: 10.0.2.1/32
T-Dst: 192.168.1.1-4 (pool)

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

You can do many to fewer NAT on a source address.
For a destination, you can only do 1-1 NAT.
Which suggests example 1 and 2 will work, 3 and 4 will not.
You can try to configure this, but you’ll very likely receive an error when you push policy.

View solution in original post

5 Replies
PhoneBoy
Admin
Admin

You can do many to fewer NAT on a source address.
For a destination, you can only do 1-1 NAT.
Which suggests example 1 and 2 will work, 3 and 4 will not.
You can try to configure this, but you’ll very likely receive an error when you push policy.

View solution in original post

CPRQ
Collaborator

Thank you.

0 Kudos
the_rock
Authority
Authority

Dameon is correct. I attached screenshots of what you wanted and error I got.

CPRQ
Collaborator

Great, thanks for testing.

0 Kudos
the_rock
Authority
Authority

No worries at all, if you have any other rules you want me to try, happy to do it.

0 Kudos