I am trying to figure out how to use a Cisco 1841 IOS router to take traffic from one interface and source NAT it out towards the Internet on one interface and at the same time NOT perform NAT when sending the traffic towards a different routed interface. Something like this:
RemoteSite(an extension to Main Campus)
Cisco1841 --- Fa0/0/0-------------------Public Internet (NAT all outbound traffic from "Remote Site",
| no need to NAT from Main Campus)
Here the RemoteSite has connectivity back to the MainCampus, but there is no need to NAT traffic from the one site to the other. They share the same umbrella of address space. However, the RemoteSite needs to have its Internet-bound traffic NAT'ed out to the Public Internet via a third interface.
I know that I could just NAT everything out from the Remote Site and map the traffic back onto the same address space for intra-campus communication, but I'd rather avoid that and just NAT where I need to NAT it to the Internet.
I do have a caveat here: in the event that either the MainCampus or the Public Internet interfaces go down, I would like to failover traffic from the downed link to other good link. For example, I want to NAT all traffic (including "intra-campus" traffic) out via the Public Internet if the direct link to the MainCampus is down. For the other example, if the Public Internet direct link is down, I would just send out all traffic without NAT towards the MainCampus.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...