Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Emergency - Probably an easy NAT question

Hello. Please see the attached diagram. When I show up in the cloud from my firewall, I need to show up as 192.168.166.10, not as my router interface (192.168.166.1). Can anyone tell me the commands to make this happen? Is it possible to have an address translated to an address on the same subnet?

We previously did this on the firewall, but have just put a router there.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Emergency - Probably an easy NAT question

Friend,

You can do that.

Configure a PAT to 192.168.166.10 for the inside subnets. Make sure the Patted IP is not assigned to anyone

ip nat pool POOL_internet 192.168.166.10 192.168.166.10 prefix-length 24

ip nat inside source list 101 pool POOL_internet overload

access-list 101 permit ip any

HTH, rate if it does

Narayan

6 REPLIES

Re: Emergency - Probably an easy NAT question

Friend,

You can do that.

Configure a PAT to 192.168.166.10 for the inside subnets. Make sure the Patted IP is not assigned to anyone

ip nat pool POOL_internet 192.168.166.10 192.168.166.10 prefix-length 24

ip nat inside source list 101 pool POOL_internet overload

access-list 101 permit ip any

HTH, rate if it does

Narayan

New Member

Re: Emergency - Probably an easy NAT question

Sorry Narayan, I'm new to natting. Could you maybe post a sample config?

Re: Emergency - Probably an easy NAT question

I already posted the sample configs.

Let me know what are the subnets behind the firewall/ router and what is the subnet mask of the network 192.168.166.0

Narayan

New Member

Re: Emergency - Probably an easy NAT question

Here is the interface configs of the router:

_________________

interface FastEthernet0/0

ip address 199.43.3.2 255.255.255.0

speed 100

full-duplex

!

interface Serial0/0

description Circuit

bandwidth 256

ip address 199.43.120.13 255.255.255.252

ip directed-broadcast

encapsulation frame-relay

no ip mroute-cache

no fair-queue

frame-relay map ip 199.43.120.14 51 broadcast payload-compression packet-by-packet

!

interface Ethernet1/0

description Connection

ip address 192.168.166.1 255.255.255.0

full-duplex

!

interface Ethernet1/1

description Connection

ip address 192.168.209.1 255.255.255.0

full-duplex

!

_______________

The firewall connects on fa0/0. There are many networks behind the firewall.

Anything attempting to connect to the host (142.225.118.224, other side of a vendor owned router)needs to show up as 192.168.166.10. There is also another host that has the same type of restriction, but if you can help with the first one I should be able to do the next one by myself.

Thanks.

New Member

Re: Emergency - Probably an easy NAT question

Do I need to apply the access-list to an interface?

New Member

Re: Emergency - Probably an easy NAT question

Guess I don't need to apply the access list to an interface, since it seems to be working without it. Thanks for all your help.

134
Views
0
Helpful
6
Replies
CreatePlease to create content