Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT

Can you do a static NAT inside a router from a network if that network is not defined on an interface of the router?

Here is my situation. We are moving to a new ISP and a new IP block

Current setup.

Internet router

router s0 - 192.168.1.1/24

router e0 - 172.16.1.1/24

Software firewall

fw e1 - 172.16.1.2/24

fw e0 - 10.1.1.1/24

So for inbound traffic, the flow is from router s0 -> router e0 -> fw e1 -> fw e0 -> LAN. Our 10.1.1.0/24 network is actually a public IP network that was not using NAT.

My new config will be taking out the FW and putting a new router in place with the FW feature set. So the 172.16.1.0/24 network will be eliminated. Here will be our new IP setup.

Router s0 192.168.2.1/24

Router e0 10.1.1.1/24 - I will be keeping the same old IP scheme for the LAN. I need the router e0 to be in the same LAN as the fw e0 was because I lost the hop between the fw and the router. Anyway, I know have a new IP address block that I will need to use for NAT to come from our Internet to the LAN.

New IP block - 10.10.10.0/24

I want to be able to do the following:

Mail server on LAN - 10.1.1.10

I want to be able to do a command like:

ip nat inside source static 10.1.1.10 10.10.10.10

Will using the 10.10.10.10 address on the router work? Even though neither interface has an ip address on the 10.10.10.0/24 network, will the router still route this ip and then translate to my LAN?

Do I have to add something like this?

ip route 10.10.10.0 255.255.255.0 null0 - to populate the routing table?

Thanks for the insight,

RJ

1 REPLY
New Member

Re: NAT

Could I use secondary addressing on the ethernet?

interface e0

ip address 10.1.1.1

ip address 10.10.10.1 secondary

ip nat inside source static 10.1.1.10 10.10.10.10

Thanks,

RJ

104
Views
0
Helpful
1
Replies
CreatePlease login to create content