Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
384
Views
0
Helpful
4
Replies

Is NAT possible in this situation?

sdross
Level 1
Level 1

‎11-18-2003 07:55 AM - edited ‎03-02-2019 11:48 AM

this is on a 3725 router, assume that the 10. addresses are public and the 192 addresses are private.

int fa0/0 - internet side

ip address 10.1.1.2 255.255.255.252

int fa0/1 - lan side

ip address 10.1.2.1 255.255.255.224

int fa1/0

shut

int fa1/1

shut

I have public addresses on the inside that get routed out of course. I also have 2 192. addresses that I would like to static nat to 2 of the 10.1.2 addresses. Is this possible since the public address that I want to nat to is on the inside interface? If not is there another way to make this work without modifying or adding another ip to fa0/0 wan interface?

Labels:
0 Helpful
4 Replies 4

preddyi
Level 3
Level 3

‎11-19-2003 05:57 AM

Not sure, But you can try like this.

Add seconday IP (192) to the inside interface (Fa0/1)

Do a static NAT for 192. servers.

Keep public IP's as it is.

Other way round -------

simply assign private IP (192.) to all servers inside LAN.

Change Fa0/1 IP to private IP.

And do static NAT for all servers.

0 Helpful

sdross
Level 1
Level 1
In response to preddyi

‎11-19-2003 10:11 AM

I don't quite understand your response, however if this clarifies a little more here goes. I have public and private addresses inside and I want to nat private inside addresses without using the 10.1.1.2 address on the outside interface. I am getting the feeling that this is not possible. I want to NAT to one of the public addresses that is on the inside interface.

0 Helpful

preddyi
Level 3
Level 3
In response to sdross

‎11-19-2003 11:22 AM

Well,I am assuming here too LAN pools.

First 192.168.0.x/24---Private address space

Second 10.1.2.x/24---Public address space

Router WAN 10.1.1.1/24 (NAT outside I/F)

Router LAN primary ip is 10.1.2.1/24,(NAT inside I/F)

secondary address 192.168.0.1/24

Pc1 ip address 192.168.0.2/24

Pc2 ip address 10.1.2.2/24

Now routing is conerned both PC's can talk to my router.

If you are using dynamic NATing in the same router first deny,(Use access-list)any source from Public address space.

Pc2 will be able to communicate to internet without any NAT translation taking place.

For PC1 NAT translation can be configured as to get eighther overload from Fa0/0(outside I/F)

or

Use static NAT to Public LAN address space (10.1.2.3 or 10.1.2.4) ...etc.(which ever is free address)

0 Helpful

sdross
Level 1
Level 1
In response to preddyi

‎11-20-2003 07:28 AM

Thanks, I will give this a try.

0 Helpful
Customers Also Viewed These Support Documents