Two Nat Statements for the same server?

Is that even possible?

ip nat inside source static 192.168.1.50 63.63.63.63
ip nat inside soruce static 192.168.1.50 73.73.73.73

Basically we are miagrating from one Public IP address space to another but wanted to keep the old address funcationing for a period of time?

I have never heard of two static NATS for the same host.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

elegua

mattsthe2 wrote:

Is that even possible?

ip nat inside source static 192.168.1.50 63.63.63.63
ip nat inside soruce static 192.168.1.50 73.73.73.73

Basically we are miagrating from one Public IP address space to another but wanted to keep the old address funcationing for a period of time?

I have never heard of two static NATS for the same host.

Hi Mattsthe2

I have two static NAT statements to the same host but one statement is using TCP and the other one is using UDP, with the format you posted both static NATs is not possible, you will get this message:

% 192.168.1.50 already mapped (192.168.1.50 -> 63.63.63.63)

Hope this help.

mattsthe2

thats strange then because it let me type it in.

This is on a 3845 with Advanced IP Services. We are running IOS firewall on this box also.

?

elegua

mattsthe2 wrote:

thats strange then because it let me type it in.

This is on a 3845 with Advanced IP Services. We are running IOS firewall on this box also.

?

Yeah, i'm running c2600-advipservicesk9-mz.124-19, also it let me type those nat cmds but when i hit enter i got that warning, did you try those cmds?, you can try and see what happen.

mattsthe2

i am running those commands in prodution as we speak and it did not give me any error.

elegua

mattsthe2 wrote:

i am running those commands in prodution as we speak and it did not give me any error.

Then i was wrong, did you test it? after you entered those cmds, did you get the result that you were looking for?.

Luckycharms

what does your nat table say for connections??? ( that will tell you really fast what IP resolution is really begin resolved.)

mattsthe2

Ok so i did some testing and it appears it works **for me**

What happened was i put the two nat translations in there into production which was an FTP server and one of the application guys grabbed me and said its not working.

So we got on the horn with the customer and he hit the OLD ip address, he could login put was having trouble uploading data. On our side we saw 0 KB file. (now keep in mind at this poing we had both NAT Trans in there)

When i removed the NEW IP nat translation and had him test again to the OLD IP everything worked.

Which then led me to post on here if two NAT translations for the same inside host is possible....

We are going to be calling him today to have him try hit the new IP Address and see if we get the same issue.

Weird very weird

APA

Are you making the nat changes while telnet'ed or SSH'ed to the 3845....... I'm willing to bet you don't have terminal monitor on so the warning would not be popping up.....

These two NAT statements are conflicting...... It probably allows you to have them but what if the inside host initiates connections to the outside.... How would it know which NAT statement to use???

mattsthe2

i was making the changes via telnet so your probably right...good catch.

I think its work for imcoming connections but outgoing i think it just chooses the last entry I put in (the newest).