What is this config doing on 1841 router?

Unanswered Question
Aug 12th, 2007

I'm trying to work out what this config is achieving, this is a config from an 1841 that links to a LAN (LAN port) and a 1811 router (outside port) on a remote network.

Why is there a NAT that starts and ends on the same range?

interface FastEthernet0/0

description *** LAN INTERFACE ***

ip address 192.168.8.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface FastEthernet0/1

description ** OUTSIDE INTERFACE TO 1811 Router **

ip address 10.152.1.226 255.255.255.224

ip nat outside

duplex auto

speed auto

!

ip classless

ip route 170.x.x.0 255.255.0.0 10.152.1.225

ip route 192.168.8.0 255.255.255.0 192.168.8.254

!

ip http server

ip http authentication local

ip http timeout-policy idle 600 life 86400 requests 10000

ip nat pool Servers 10.152.1.230 10.152.16.230 netmask 255.255.255.224

ip nat inside source list 103 pool Servers overload

!

access-list 103 remark Servers

access-list 103 permit ip 192.168.8.0 0.0.0.255 170.30.0.0 0.0.255.255

I Hope you can explain this config for me.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Edison Ortiz Sun, 08/12/2007 - 11:10

>Why is there a NAT that starts and ends on the same range?

_____________

Because you want to 'overload' on just that one IP, in other words, PAT the entire network out to the internet just like you would do with the interface overload command.

Based in your netmask, you were allocated a group of 30 addresses and you are using .226 and .230 at the moment. Perhaps, there are plans to use .227-229 and .231-254 for other purposes such as static NAT for servers/services.

BTW, you have a typo on the pool - 3rd octect should be 1 not 16.

whiteford Sun, 08/12/2007 - 12:23

He is correct it should be a 1, so its a Pat to a single addesses?

Edison Ortiz Sun, 08/12/2007 - 11:32

Correct, in your case only when the source is 192.168.8.0/24 and the destination is 170.30.0.0/16

All other traffic isn't translated

Actions

This Discussion