Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

nat on a router


I have a router 2620, on this one there is 2 networwks wich is connected ( and i need that each one can communicate.

TH routing is activated and they can communicate.

So I think it's probably the fact tha 1 network is private and one is public. so i think i have to activate the NAT but i don't kow how tio use it



Re: nat on a router

Communication between two networks that are connected to the same router should always work. I presume that you mean Internet connection from the 172.16 to the Internet, including

Here is a sample config for a router using NAT between e0 and BRI0:

hostname template


enable secret removed

enable password removed


username c3640 password removed

ip subnet-zero

ip telnet source-interface Loopback0

ip tftp source-interface Loopback0

ip domain-name xxx

isdn switch-type basic-net3

isdn tei-negotiation first-call

clock timezone MET 1

clock summer-time MET recurring last Sun Mar 2:00 last Sun Oct 3:00

file prompt quiet




interface Loopback0

ip address 10.52.x.1

no ip directed-broadcast


interface Ethernet0

description LAN Template

ip address ip_adress

no ip directed-broadcast

ip nat inside >> defines NAT inside adresses

media-type 10BaseT


interface BRI0

description isdn ...

ip address 10.170.30.x

no ip directed-broadcast

ip nat outside >> defines NAT outside adresses

encapsulation ppp

ip tcp header-compression

no logging event link-status

dialer idle-timeout 180

dialer enable-timeout 1

dialer map ip name c3640 007369186xx

dialer-group 1

isdn switch-type basic-net3

ppp authentication chap

hold-queue 10 out


ip local pool natpool1 10.52.x.11 10.52.x.20

ip nat pool natpool1 10.52.x.11 10.52.x.20 netmask

ip nat inside source list 2 pool natpool1

no ip classless

no ip forward-protocol udp tftp

no ip forward-protocol udp nameserver

no ip forward-protocol udp domain

no ip forward-protocol udp time

no ip forward-protocol udp netbios-ns

no ip forward-protocol udp netbios-dgm

no ip forward-protocol udp tacacs

ip route 130

ip tacacs source-interface Loopback0


logging trap notifications

logging source-interface Loopback0

logging x.x.x.x

dialer-list 1 protocol ip permit

alias exec backup copy running-config tftp://


line con 0

login authentication no_tacacs

transport input none

line vty 0 4

access-class 1 in




It uses the loopback network range for the NAT-pool. In this way it becomes independent of the Ip range on int e0. (I only route the loopback network)

Access-list 2 defines which adresses qualify for NAT translation.

Typically this matches you ethernet IP-range.



New Member

Re: nat on a router

You do not require NAT for communicating between these 2 networks if they are directly attached or if they are within your private network. You require NAT only when you want to reach the Internet from your network. There are lot of good resources to read about NAT. This link should help you :

Also some of the Cisco Press books 'Routing TCP/IP vol.II' and 'Enhanced IP Services for Cisco Networks' give a good explanation about NAT.

CreatePlease to create content