Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
428
Views
0
Helpful
5
Replies

What is this config doing on 1841 router?

whiteford
Level 1
Level 1

‎08-12-2007 11:05 AM - edited ‎03-03-2019 06:18 PM

I'm trying to work out what this config is achieving, this is a config from an 1841 that links to a LAN (LAN port) and a 1811 router (outside port) on a remote network.

Why is there a NAT that starts and ends on the same range?

interface FastEthernet0/0

description *** LAN INTERFACE ***

ip address 192.168.8.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface FastEthernet0/1

description ** OUTSIDE INTERFACE TO 1811 Router **

ip address 10.152.1.226 255.255.255.224

ip nat outside

duplex auto

speed auto

!

ip classless

ip route 170.x.x.0 255.255.0.0 10.152.1.225

ip route 192.168.8.0 255.255.255.0 192.168.8.254

!

ip http server

ip http authentication local

ip http timeout-policy idle 600 life 86400 requests 10000

ip nat pool Servers 10.152.1.230 10.152.16.230 netmask 255.255.255.224

ip nat inside source list 103 pool Servers overload

!

access-list 103 remark Servers

access-list 103 permit ip 192.168.8.0 0.0.0.255 170.30.0.0 0.0.255.255

I Hope you can explain this config for me.

Labels:
0 Helpful
5 Replies 5

Edison Ortiz
Hall of Fame
Hall of Fame

‎08-12-2007 11:10 AM

>Why is there a NAT that starts and ends on the same range?

_____________

Because you want to 'overload' on just that one IP, in other words, PAT the entire network out to the internet just like you would do with the interface overload command.

Based in your netmask, you were allocated a group of 30 addresses and you are using .226 and .230 at the moment. Perhaps, there are plans to use .227-229 and .231-254 for other purposes such as static NAT for servers/services.

BTW, you have a typo on the pool - 3rd octect should be 1 not 16.

0 Helpful

whiteford
Level 1
Level 1
In response to Edison Ortiz

‎08-12-2007 11:25 AM

So that overload pats all the lan traffic to a single IP?

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame
In response to whiteford

‎08-12-2007 11:32 AM

No, on 4080 because the mistake that Edison has spotted :)

0 Helpful

whiteford
Level 1
Level 1
In response to paolo bevilacqua

‎08-12-2007 12:23 PM

He is correct it should be a 1, so its a Pat to a single addesses?

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to whiteford

‎08-12-2007 11:32 AM

Correct, in your case only when the source is 192.168.8.0/24 and the destination is 170.30.0.0/16

All other traffic isn't translated

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card