Getting NAT correct on a 6509

Unanswered Question
Mar 12th, 2007
User Badges:

I need a little NAT advice. I am routing between 2 internal vlans, 192.168.32.0/24 and .64/24. I need to NAT these 2 vlans to the outside/public vlan 165.x.x.x. Here is the config I have come up wth :


ip nat pool niscpool 165.x.x.105 165.x.x.105 prefix 24


access-list 1 permit 192.168.32.0 0.0.0.255

access-list 1 permit 192.168.64.0 0.0.0.255


ip nat inside source list 1 pool niscpool overload


interface vlan 1

ip nat outside


interface vlan 3

ip nat inside


interface vlan 4

ip nat inside



Will this work? Any suggestions?


TIA


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ssoberlik Fri, 03/16/2007 - 11:50
User Badges:
  • Bronze, 100 points or more

If you are planning to implement NAT with Cat6509 supervisor itself, then you cannot go for 2 inside interfaec. Cisco IOS does not allow that configuration.

Refer to http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca75b.html#wp1003513


But you can implement this scenario with Firewall module FWSM.

You can configure multiple SVIs to be part of the 'inside' interface.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080577c7f.html#wp1176033

Jon Marshall Fri, 03/16/2007 - 15:33
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Is this a limitation of the 6500 or the IOS.

As far as i am aware there is nothing to stop you applying the "ip nat inside" statement to more than one interface in IOS.

Jon

Actions

This Discussion