I need to run NAT on my AS5200 to translate some private IPs in the 10.0.1.0 range. From the Cisco docs available, I am not sure what will happen to traffic on my existing ethernet interface if I put the IP nat access lists on it. An example set-up from Cisco gives the following:
interface ethernet 1
ip address 10.10.20.1 255.255.255.0
ip nat inside
interface serial 0
ip address 172.16.10.64 255.255.255.0
ip nat outside
ip nat pool ovrld 172.16.10.1 172.16.10.1 prefix 24
ip nat inside source list 7 pool ovrld overload
access-list 7 permit 10.10.10.0 0.0.0.31
access-list 7 permit 10.10.20.0 0.0.0.31
I'd like to do the following:
NAT any ip in 10.0.1.0 255.255.255.0 range to just one real IP in my class C.
All privite IPs are currently routed to one IP in my Class C (the ethernet interface on a 2nd router)
What kind of NAT commands do I need to set up so my current traffic isn't affected and I only NAT the private IPs?
The access-list that are reference in the NAT statement do not interfere / modify the traffic that crosses the Ethernet interface. Rather it is used only to identify the traffic. In your example, traffic originating from 10.10.10.0 /27 and 10.10.20.0 /27 would be translated as it passed from E1 to S0. Traffic passing from E1 to S0 originating outside of the access-list ranges would not be translated, yet still be routed /forwarded.
The example looks like a good template for your situation, just modify the access-list appropriately. If you decided that you did not what to burn a 24 bit network on the serial link. It is possible to utilize the existing Serial address as the translation address, which would allow to modify subnet masks to a smaller subnet if appropriate.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...