04-23-2007 05:47 AM - edited 03-03-2019 04:40 PM
Hi I have a question for you...I have an edge router that is already permitting the subnet 169.191.104.0/24 in. I have a customer that wants us to NAT 2 of his IP address 10.6.158.212 and 225. I figured all I would need to do is
ip nat outside source static 10.6.158.212 169.191.140.212
ip nat outside source static
10.6.158.225 169.191.140.225
Add to the current access-list:
ip access-list standard permitssbroutes
permit 10.6.158.212
permit 10.6.158.225
am I thinking correctly?
thank you in advance
Solved! Go to Solution.
04-23-2007 06:09 AM
Dear wgranada1,
the config is right but do not forget the IP nat inside / IP nat outside on the incoming/outgoing interface, also you do not need any ACL in such NAT config, unless you use it to secure the traffic pass over the router.
Please rate helpful posts.
Best Regards,
Mounir Mohamed
04-23-2007 06:09 AM
Dear wgranada1,
the config is right but do not forget the IP nat inside / IP nat outside on the incoming/outgoing interface, also you do not need any ACL in such NAT config, unless you use it to secure the traffic pass over the router.
Please rate helpful posts.
Best Regards,
Mounir Mohamed
04-23-2007 07:07 AM
Hi Mounir
sorry about this but I misunderstoond what they are talking about. Here is what they wanted to do. I have customer who's subnets
ip access-list standard cust-in
permit 163.39.0.0 0.0.255.255
permit 161.161.72.0 0.0.0.255
permit 169.166.0.0 0.0.255.255
permit 169.191.104.0 0.0.0.255
permit 169.191.49.0 0.0.0.255
permit 169.191.48.0 0.0.0.255
they also have 2 printers that are in a NAT pool that they want to take out and put 2 static NAT ips on them. The ip address of the 2 printers that they are presenting to us are
10.6.158.212
10.6.158.225
they want us to NAT them for them cause they said that they are not able to. So the quesiton is...is it possible for me to nat the 2 10.6 addresses to one of the subnets I'm already allowing in?
04-23-2007 07:34 AM
No worries I think I figured it out we are natting the above to an internal ip address so all I would need to do is put the 10.6.158 subnet into the access-list and nat them to the same internal ip address
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: