vpn interface nat static— Configure static NAT address mapping for a service VPN on a vEdge router that is acting as a NAT device (on vEdge routers only).
Across all NAT pools, a vEdge router can NAT a maximum of 254 source IP addresses. This is the number of addresses in a /24 prefix, less the .0 and .255 addresses. You cannot configure translation for .0 and .255 addresses.
vManage Feature Template
For vEdge routers only:
Configuration ► Templates ► VPN Interface Cellular (for vEdge cellular wireless routers only)
Configuration ► Templates ► VPN Interface Ethernet
Configuration ► Templates ► VPN Interface NAT Pool
Configuration ► Templates ► VPN Interface PPP
- Direction To Perform Network Address Translation
- (inside | outside)
- Direction in which to perform network address translation. It can be one of the following:
• inside—Translate the IP address of packets that are coming from the service side of the vEdge router and that are destined to transport side of the router. For translation of inside source IP addresses to occur, the translation direction, configured with the direction command, must be inside. direction inside is the default, so you can omit this command from the configuration.
• outside—Translate the IP address of packets that are coming to the vEdge router from the transport side of the vEdge router and that are destined to a service-side device. For translation of outside source IP addresses to occur, the translation direction, configured with the direction command, must be outside.
- Source IP Address
- source-ip ip-address1
Private source IP address to be NATed. This is the IP address of a device or branch router on the service side of the vEdge router.
- Translated IP Address
- translate-ip ip-address2
Public IP address to map the private source address to. This is the IP address that the vEdge router places in the source field of the packet's IP header when transmitting the packet over a transport network.
Configure a vEdge router to NAT a service-side and a remote IP address:
vEdge# show running-config vpn 1 interface natpool1 ip address 10.15.1.4/30 nat static source-ip 10.1.17.3 translate-ip 10.15.1.4 inside static source-ip 10.20.25.18 translate-ip 10.25.1.1 outside direction inside no overload ! no shutdown !
Command introduced in Viptela Software Release 16.3.