Need help on complex NAT problem

lostnetworker
Level 1

Dear NAT experts,

I am facing a small NAT related problem. Basically I need to have 1 inside interface and 2 outside interfaces.

The inside interface sits on a private IP subnet. While both outside interfaces sit on two different public IP ranges.

Int Dialer1 is the main interface

Int Dialer2 is the backup interface (note: this interface has a /32 mask)

I need to prepare 2 sets of NAT statements: one which is a 1-to-1 NAT, and the other needs to be overloaded (due to only 1 IP being available on the DDR interface).

Also note that the connections do not support dynamic routing of any type.

Will this work? If no, any suggestions that could point me in the right direction?

Thanks in advance.

Sample configuration:

version 12.3
!
ip cef
isdn switch-type basic-net3
!
!
!
!
interface ATM0
 no ip address
 backup interface Dialer2
 no ip mroute-cache
 no atm ilmi-keepalive
 pvc 0/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
interface BRI0
 no ip address
 encapsulation ppp
 dialer rotary-group 2
 dialer-group 1
 isdn switch-type basic-net3
!
interface FastEthernet0
 description connected to private IP LAN
 ip address 192.x.x.x.x.255.0
 ip route-cache flow
 ip nat inside
 speed auto
!
interface Dialer1
 description connected to ADSL
 ip address 100.1.x.x.x.255.248
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 ppp pap sent-username xxxxx password 7 xxxxxx
 ppp ipcp dns request
 ppp ipcp wins request
 ip nat outside
!
interface Dialer2
 description connected to ISDN
 ip address 200.1.x.x.255.255.255
 encapsulation ppp
 ip route-cache flow
 dialer in-band
 dialer string xxxxxxxxx
 dialer hold-queue 10
 dialer watch-group 1
 dialer-group 1
 ppp authentication pap callin
 ppp pap sent-username xxxxx password 7 xxxxxx
 ip nat outside
!
!
!
ip nat inside source static 192.168.0.2 100.1.1.2
ip nat inside source static 192.168.0.3 100.1.1.3
ip nat inside source static 192.168.0.4 100.1.1.4
ip nat inside source static 192.168.0.5 100.1.1.5
ip nat inside source static 192.168.0.6 100.1.1.6
ip nat inside source list 100 interface Dialer2 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer2 10
no ip http server
!
!
access-list 100 permit ip 192.168.0.0 0.0.0.255
dialer watch-list 1 ip x.x.x.x 255.255.255.255
dialer watch-list 1 delay disconnect 10
dialer-list 1 protocol ip permit
!
!
line con 0
line aux 0
line vty 0 4
 password 7xxxx
 login
--More--

1 Reply 1

murabi
Level 4

You can also use a route-map to configure the NAT overload.
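
The route-map approach suggested in the reply, sketched as an added example that is not part of the original thread or either poster's configuration: each NAT rule is tied to the egress interface, so the 1-to-1 entries apply only when traffic leaves via Dialer1 and PAT applies only when it leaves via Dialer2. The route-map names NAT-ADSL and NAT-ISDN are hypothetical, the `any` destination in the ACL is assumed, and it assumes an IOS release that accepts `route-map` on static NAT entries.

```cisco
! Added example: names NAT-ADSL / NAT-ISDN are hypothetical.
! Addresses reuse the sample values from the question.
!
! Inside hosts eligible for translation.
! An extended ACL needs a destination; "any" is assumed here.
access-list 100 permit ip 192.168.0.0 0.0.0.255 any
!
! Matches only packets the routing table sends out the ADSL link.
route-map NAT-ADSL permit 10
 match ip address 100
 match interface Dialer1
!
! Matches only packets the routing table sends out the ISDN backup link.
route-map NAT-ISDN permit 10
 match ip address 100
 match interface Dialer2
!
! Before: unconditional static entries translate to 100.1.1.x even when
! the packet is routed out Dialer2.
!   ip nat inside source static 192.168.0.2 100.1.1.2
!
! After: 1-to-1 translations are used only while traffic exits Dialer1.
ip nat inside source static 192.168.0.2 100.1.1.2 route-map NAT-ADSL
ip nat inside source static 192.168.0.3 100.1.1.3 route-map NAT-ADSL
ip nat inside source static 192.168.0.4 100.1.1.4 route-map NAT-ADSL
ip nat inside source static 192.168.0.5 100.1.1.5 route-map NAT-ADSL
ip nat inside source static 192.168.0.6 100.1.1.6 route-map NAT-ADSL
!
! Before: list-based overload with no egress-interface condition.
!   ip nat inside source list 100 interface Dialer2 overload
!
! After: PAT onto the single /32 address only when traffic exits Dialer2.
ip nat inside source route-map NAT-ISDN interface Dialer2 overload
```

After a failover test, `show ip nat translations` shows which rule created each entry, and `clear ip nat translation *` removes entries left over from the previous path.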