Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IP NAT Configuration

Basically, I would like to have static NAT translations allocated in one IP subnet and dynamic NAT translations allocated from the other IP subnet (192.168.0.0/24 & 192.168.1.0/24 respectively).

I think the IOS config would be like this:

ip nat pool dnat 192.168.1.0 192.168.1.254 netmask 255.255.255.0

ip nat inside source list 11 pool dnat

ip nat inside source static 172.16.0.1 192.168.0.1

ip nat inside source static 172.16.0.10 192.168.0.2

access-list 11 deny 172.16.0.0 0.0.0.255

access-list 11 permit 172.16.1.0 0.0.0.255

The 172.16.0.0/24 subnet contains hosts requiring static NAT translation.

The 172.16.1.0/24 subnet contains hosts requiring dynamic NAT translation.

Is this possible?

3 REPLIES
New Member

Re: IP NAT Configuration

Looks good to me.

You actually shoudn't need the "access-list 11 deny 172.16.0.0 0.0.0.255 " statement since there will already be an implicit deny at the end anyway.

Also, this is likely obvious but I'll point it out anyway. Be sure you've got your "ip nat inside" on the 172.16.x.x interfaces, and "ip nat outside" on your outbound interface.

Silver

Re: IP NAT Configuration

a good practice to follow and it makes troubleshooting easier is when you assign your static nat try to use the same host ip addresses , i.e.

ip nat inside source static 172.16.0.1 192.168.0.1

ip nat inside source static 172.16.0.10 192.168.0.10

also not sure if it matters but you are including the network address of 192.168.1.0 , in your nat pool

New Member

Re: IP NAT Configuration

I am using 192.168.1.x/24 for dyn-nat translations and 192.168.0.x /24 for static-nat translations.

111
Views
6
Helpful
3
Replies
CreatePlease to create content