Cisco Support Community
New Member

NAT concerns on existing ethernet interface

I need to run NAT on my AS5200 to translate some private IPs in the range. From the Cisco docs available, I am not sure what will happen to traffic on my existing ethernet interface if I put the IP nat access lists on it. An example set-up from Cisco gives the following:

interface ethernet 1
 ip address
 ip nat inside
interface serial 0
 ip address
 ip nat outside
ip nat pool ovrld prefix 24
ip nat inside source list 7 pool ovrld overload
access-list 7 permit
access-list 7 permit

I'd like to do the following:

NAT any ip in range to just one real IP in my class C.

All private IPs are currently routed to one IP in my Class C (the ethernet interface on a 2nd router)

What kind of NAT commands do I need to set up so my current traffic isn't affected and I only NAT the private IPs?

New Member

Re: NAT concerns on existing ethernet interface


The access lists that are referenced in the NAT statement do not interfere with or modify the traffic that crosses the Ethernet interface. Rather, they are used only to identify the traffic. In your example, traffic originating from /27 and /27 would be translated as it passed from E1 to S0. Traffic passing from E1 to S0 originating outside of the access-list ranges would not be translated, yet would still be routed/forwarded.

The example looks like a good template for your situation; just modify the access-list appropriately. If you decided that you did not want to burn a 24-bit network on the serial link, it is possible to utilize the existing Serial address as the translation address, which would allow you to modify subnet masks to a smaller subnet if appropriate.
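
The two options described in the reply above, written out as an added configuration example (not part of the original thread and not taken from Cisco's documentation). All addresses are constructed placeholders: 10.0.0.0/8 stands in for the private range, 198.51.100.0/24 and 203.0.113.0/30 for the public networks; interface names follow the example in the question.

```cisco
! Constructed example: every address below is a placeholder.
interface Ethernet1
 ip address 198.51.100.1 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 203.0.113.1 255.255.255.252
 ip nat outside
!
! ACL 7 only selects which inside sources are translated.
! Sources that do not match (the implicit deny) are NOT dropped;
! they are routed from Ethernet1 to Serial0 untranslated.
! Keep the permit as narrow as the private range: a broad permit
! would also translate the existing public hosts.
access-list 7 permit 10.0.0.0 0.255.255.255
!
! Option 1: overload onto one public address via a one-address pool.
ip nat pool ovrld 198.51.100.10 198.51.100.10 prefix-length 24
ip nat inside source list 7 pool ovrld overload
!
! Option 2 (use instead of option 1): overload onto the address
! already configured on Serial0, so no pool is needed.
! ip nat inside source list 7 interface Serial0 overload
!
! After applying, check from exec mode that only the private
! sources appear as translated entries:
!   show ip nat translations
!   show ip nat statistics
```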

