NAT query..

Unanswered Question
Jul 2nd, 2007

I have router Cisco 1841 on which I have two internet links. I have configured following two commands on it:

ip nat inside source list 101 interface FastEthernet0/0 overload

ip nat inside source static 192.168.172.17 interface FastEthernet0/0

I want to configure the same above commands for one more interface which is fastethernet 0/1. 192.168.172.17 is the ip address of a device which is directly connected to 1841 with vlan1 interface.

Can I do this somehow? I tried but I could not. But I have seen it on 3845 router that it can be configured. IOS version of both routers is 12.4.

I would highly appreciate anyone's prompt help. Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Paolo Bevilacqua Mon, 07/02/2007 - 08:55

Hi,

If you configure that for FA0/1 too, that assumes that said interface is outside too.

Is that what you want? Do you want 192.168.172.17 to go out via FA0/1 ? You need PBR for that.

royalblues Mon, 07/02/2007 - 10:13

If i understand, you require the source to be natted to 2 different IPs when it leaves the router, i.e nat it to fa 0/0 when the destination is bound that interface and nat to fa0/1 when leaving from that interface

If this is the requirement you would require NAT with route maps.

When you create a NAT entry with an access-list it creates a simple entry

When NAT uses a route map to decide to create a translation entry, it will always create a "fully extended" translation entry. This translation entry will contain both the inside and outside (local and global) address entries and any TCP or UDP port information

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml

HTH, rate if it does

Narayan

sqambera Tue, 07/03/2007 - 04:07

Thanks Narayan. You understood exactly my problem and what you suggested has solved half of the issue that I am experiencing. Now what about the second NAT command which I mentioned in my orginal query? Is there a way to redirect incoming traffic on both iterfaces (fa0/0 and fa0/1) to firewall also?

Let me expalin it again:

I have following command configured on my router:

ip nat inside source static 192.168.172.17 interface FastEthernet0/0

is there a way that I can configure the same command again on my router but with interface fa0/1 at the end? So there will be ultimately two of these commands configured on my router. Thanks.

Actions

This Discussion