I'm not used to doing NAT on Cisco devices, and I'm tasked with bringing in traffic being sent to a public address that is routed to our gateway. I would like to NAT the traffic from our gateway (a Cisco 2901 router running IOS 15.0) to a private address.
From what I've read, I think this might work but I have a feeling I'm missing something.
interface GigabitEthernet0/1.1
 ip address 63.145.168.58 255.255.255.252
 ip nat outside
interface GigabitEthernet0/0.1
 ip address 10.2.0.3 255.255.0.0
 ip nat inside
ip nat inside source static udp 10.0.1.40 5060 72.165.117.130 5060 extendable
72.165.117.130 is one of our private (MPLS) WAN addresses that routes to 63.145.168.58. I'm trying to forward traffic sent to that address to an internal device at 10.0.1.40.
Is that all there is to creating a one-to-one NAT, or am I missing something?
I think you didn't quite understand the concept of NAT.
NAT means hiding your private IP address(es) behind the public address(es) of your router's external interface; with NAT, you can:
But if a packet is going to some completely different address which is not managed by your router (like 72.165.117.130) and is not passing through the router itself, there's nothing at all the router can do to "intercept" it and forward it to some other destination.
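An added illustration, not part of either post above: a small Python model of what the static port-NAT statement in the question does to packets that actually arrive on the router's NAT interfaces, and what it leaves untouched. The function names are hypothetical and the peer address 198.51.100.7 is a constructed sample; the statement and interface addressing are the ones from the question.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class StaticNat(NamedTuple):
    proto: str
    local_ip: str
    local_port: int
    global_ip: str
    global_port: int

def parse_static_nat(line: str) -> StaticNat:
    """Parse 'ip nat inside source static <proto> <local> <port> <global> <port>'."""
    tok = line.split()
    if len(tok) < 10 or tok[:5] != ["ip", "nat", "inside", "source", "static"]:
        raise ValueError(f"not a static port NAT statement: {line!r}")
    proto, local_ip, lport, global_ip, gport = tok[5:10]
    for addr in (local_ip, global_ip):
        ipaddress.IPv4Address(addr)  # raises ValueError on a malformed address
    return StaticNat(proto, local_ip, int(lport), global_ip, int(gport))

def translate(rule: StaticNat, pkt: Packet, arrived_on: str) -> Packet:
    """Rewrite a packet the router received on an 'inside' or 'outside' NAT interface."""
    if arrived_on == "outside" and (pkt.proto, pkt.dst, pkt.dport) == (
            rule.proto, rule.global_ip, rule.global_port):
        return pkt._replace(dst=rule.local_ip, dport=rule.local_port)
    if arrived_on == "inside" and (pkt.proto, pkt.src, pkt.sport) == (
            rule.proto, rule.local_ip, rule.local_port):
        return pkt._replace(src=rule.global_ip, sport=rule.global_port)
    return pkt  # no matching static entry: forwarded untranslated

def directly_connected(host: str, iface_ip: str, mask: str) -> bool:
    """True if host is on the interface's own subnet (no extra route needed)."""
    return ipaddress.IPv4Address(host) in ipaddress.ip_interface(f"{iface_ip}/{mask}").network

# Statement and interface addressing from the question; the peer is constructed.
RULE = parse_static_nat(
    "ip nat inside source static udp 10.0.1.40 5060 72.165.117.130 5060 extendable")
INBOUND = Packet("udp", "198.51.100.7", 5060, "72.165.117.130", 5060)

if __name__ == "__main__":
    print(translate(RULE, INBOUND, "outside"))
    print(directly_connected(RULE.local_ip, "10.2.0.3", "255.255.0.0"))
```

With the question's addressing, `directly_connected` returns `False`: 10.0.1.40 is not on the 10.2.0.0/16 subnet of GigabitEthernet0/0.1, so the router also needs a route toward it for the translated packet to be delivered.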