cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
649
Views
3
Helpful
8
Replies

Need NAT commands (Urgent)

bagvanliju
Level 1
Level 1

Hi,

how can i config nat in router..using "Only WAN" ip.ISP has blocked entire /28 lan ip due to some span issue....for time being thought of using wan ip for NATing ... can some one help me in configuring the same ...would be very much appreciated ...

thanks in advance

2 Accepted Solutions

Accepted Solutions

You're missing "ip nat out" on your serial interface.

That should fix it.

HTH,

John

*please rate if helpful*

HTH, John *** Please rate all useful posts ***

View solution in original post

Hello Bharthi,

nat translations entries are created based on a traffic

with a PC on net 192.168.0.x try to navigate over the internet

Hope to help

Giuseppe

View solution in original post

8 Replies 8

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Bharti,

you need to define the lan interface as NAT inside

the wan as nat outside

int f0/0

desc lan

ip nat inside

ip address 10.10.10.1 255.255.255.0

int s0/0

desc wan

ip nat outside

ip address xx.xx.xx.2 255.255.255.252

access-list 11 permit 10.10.10.0 0.0.0.255

ip nat inside source list 11 interface s0/0 overload

the overload keyword allows for PAT

this is enough for basic nat to access the internet

use sh ip nat translations to see the activity of NAT

note:

if you have also advanced requirements like an ipsec tunnel to another site some more tuning is needed

Hope to help

Giuseppe

Hi Gui,

Thanks for the update ..i ve done the same config but not able to see any nat transaction ...also see the router config below

XX#s run

!

memory-size iomem 25

ip subnet-zero

ip name-server XX.XX.XX.XX

ip name-server XX.XX.XX.XX

!

!

class-map match-all VOICE_PUBLIC

match access-group 112

class-map match-any SMTP_CLASS

match access-group 111

class-map match-any REST_ClASS

match any

class-map match-any VOICE_CLASS

match ip precedence 5

!

!

policy-map MOD_QOSPOLICY

class VOICE_CLASS

bandwidth percent 20

class SMTP_CLASS

bandwidth percent 20

class VOICE_PUBLIC

bandwidth percent 5

class REST_ClASS

bandwidth percent 30

!

!

!

!

interface FastEthernet0/0

ip address 192.168.0.1 255.255.255.0

ip nat inside

speed auto

!

interface BRI0/0

no ip address

shutdown

!

interface Serial1/0

ip address XX.XX.XX.XX 255.255.255.252

service-policy output MOD_QOSPOLICY

!

ip nat inside source list 11 interface Serial1/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 Serial1/0

no ip http server

!

access-list 11 permit 192.168.0.0 0.0.0.255

snmp-server community modely RO

!

modelytics#s ip nat tran

XX#

You're missing "ip nat out" on your serial interface.

That should fix it.

HTH,

John

*please rate if helpful*

HTH, John *** Please rate all useful posts ***

Hi,

Thanks for the hlp it was my misatake ..changed the same but still not showing the same

interface FastEthernet0/0

ip address 192.168.0.1 255.255.255.0

ip nat inside

speed auto

!

!

interface Serial1/0

ip address XX.XX.XX.XX 255.255.255.252

ip nat outside

service-policy output MOD_QOSPOLICY

!

ip nat inside source list 11 interface Serial1/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 Serial1/0

no ip http server

!

access-list 11 permit 192.168.0.0 0.0.0.255

snmp-server community modely RO

!

modelytics#

modelytics#

modelytics#s ip nat tran

modelytics#

modelytics#

modelytics#

Lijesh.N.C

Hello Bharthi,

nat translations entries are created based on a traffic

with a PC on net 192.168.0.x try to navigate over the internet

Hope to help

Giuseppe

Thanks gui its working thans for the valuable supprt ...

Lijesh.Nc

Thanks J its working thans for the valuable supprt ...Thanks for poiting the mistake ..i ve rated ..

Lijesh.Nc

John Blakley
VIP Alumni
VIP Alumni

Example:

int fa0/0

ip address

ip nat out

int fa0/1

ip address 10.1.0.1 255.255.255.0 (private ip)

ip nat in

ip nat inside source list 1 inter fa0/0 overload

access-list 1 permit 10.1.0.0 0.0.0.255

HTH,

John

HTH, John *** Please rate all useful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco