cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
362
Views
0
Helpful
2
Replies

nat on a router

correa
Level 1
Level 1

Hi,

I have a router 2620, on this one there is 2 networwks wich is connected (172.16.0.0/16 and 193.50.178.0/15) i need that each one can communicate.

TH routing is activated and they can communicate.

So I think it's probably the fact tha 1 network is private and one is public. so i think i have to activate the NAT but i don't kow how tio use it

THANKS

2 Replies 2

lgijssel
Level 9
Level 9

Communication between two networks that are connected to the same router should always work. I presume that you mean Internet connection from the 172.16 to the Internet, including 193.50.178.0/15.

Here is a sample config for a router using NAT between e0 and BRI0:

hostname template

!

enable secret removed

enable password removed

!

username c3640 password removed

ip subnet-zero

ip telnet source-interface Loopback0

ip tftp source-interface Loopback0

ip domain-name xxx

isdn switch-type basic-net3

isdn tei-negotiation first-call

clock timezone MET 1

clock summer-time MET recurring last Sun Mar 2:00 last Sun Oct 3:00

file prompt quiet

!

!

!

interface Loopback0

ip address 10.52.x.1 255.255.255.0

no ip directed-broadcast

!

interface Ethernet0

description LAN Template

ip address ip_adress 255.255.255.0

no ip directed-broadcast

ip nat inside >> defines NAT inside adresses

media-type 10BaseT

!

interface BRI0

description isdn ...

ip address 10.170.30.x 255.255.255.0

no ip directed-broadcast

ip nat outside >> defines NAT outside adresses

encapsulation ppp

ip tcp header-compression

no logging event link-status

dialer idle-timeout 180

dialer enable-timeout 1

dialer map ip 10.70.30.200 name c3640 007369186xx

dialer-group 1

isdn switch-type basic-net3

ppp authentication chap

hold-queue 10 out

!

ip local pool natpool1 10.52.x.11 10.52.x.20

ip nat pool natpool1 10.52.x.11 10.52.x.20 netmask 255.255.255.0

ip nat inside source list 2 pool natpool1

no ip classless

no ip forward-protocol udp tftp

no ip forward-protocol udp nameserver

no ip forward-protocol udp domain

no ip forward-protocol udp time

no ip forward-protocol udp netbios-ns

no ip forward-protocol udp netbios-dgm

no ip forward-protocol udp tacacs

ip route 0.0.0.0 255.0.0.0 10.170.30.1 130

ip tacacs source-interface Loopback0

!

logging trap notifications

logging source-interface Loopback0

logging x.x.x.x

dialer-list 1 protocol ip permit

alias exec backup copy running-config tftp://10.1.2.1/template.cfg

!

line con 0

login authentication no_tacacs

transport input none

line vty 0 4

access-class 1 in

password

!

end

It uses the loopback network range for the NAT-pool. In this way it becomes independent of the Ip range on int e0. (I only route the loopback network)

Access-list 2 defines which adresses qualify for NAT translation.

Typically this matches you ethernet IP-range.

Regards,

Leo

srikanth
Level 1
Level 1

You do not require NAT for communicating between these 2 networks if they are directly attached or if they are within your private network. You require NAT only when you want to reach the Internet from your 172.16.0.0/16 network. There are lot of good resources to read about NAT. This link should help you :

http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Internetworking:NAT&viewall=true

Also some of the Cisco Press books 'Routing TCP/IP vol.II' and 'Enhanced IP Services for Cisco Networks' give a good explanation about NAT.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco