207.x.x.x--router ----(FE0) main router (S0)------ router --- 10.72.1.0
|no nat required
As you can see, there are two networks using 10.72.1.0/24. These networks are both one hop away from the "main router". I need to be able to access both of these networks. I would like to setup NAT for one and access the other without NAT. I propose the following config:
ip address 10.1.1.1 255.255.255.0
ip nat inside
ip address 10.1.2.1 255.255.255.0
ip nat outside
ip address 10.1.3.1 255.255.255.0
ip route 207.x.x.0 255.255.255.0 10.1.1.2
ip route 10.72.1.0 255.255.255.0 10.1.3.2
ip route 10.134.1.0 255.255.255.0 10.1.2.2
ip nat outside source static network 10.72.1.0 10.134.1.0 /24 extendable
Due to existing network configs I must use nat outside on S0 (I can't use nat inside). Should this config work? When the 207 network sends traffic to 10.134, NAT creates a static host route entry for the NATed address and points the next hop out S1. It should point out S0! Is there a way to make this work? Any suggestions?
This might work although it is not possible for me to see the overall impact of this change on your configuration. You might need to utilize route maps to distiguish between different translation requirements.
One thing to keep in mind is that all connections will have to be initiated from the 207-network before you can connect from the nat-outside.
Unfortunatly, I can't use route maps on the FE interface. What I don't get is why NAT creates a static host route entry for the 10.134.x.x address and points it out the wrong interface. If routing happens before NAT as it is suppose to, you would think that it wouldn see the static route for 10.134.1.0/24 and know to send the traffic out S0 regardless of what happens with NAT.
Why do you say that connections have to be initiated from the 207 network? This is a static extendable NAT (one to one mapping on the host bits). This part works fine.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.