03-30-2004 08:41 AM - edited 03-02-2019 02:39 PM
Dear NAT experts,
I am facing a small NAT related problem. Basically I need to have 1 inside interface and 2 outside interfaces.
The inside interface sits on a private IP subnet. While both outside interfaces sit on two different public IP ranges.
Int Dialer1 is the main interface
Int Dialer2 is the backup interface (note: this interface has a /32 mask)
I need to prepare 2 sets of NAT statements, one which is a 1 to 1 NAT and the other needs to be overloaded (due to only 1 IP available on DDR interface)
Also note that the connections do not support dynamic routing of any type.
Will this work? If no, any suggestions that could point me in the right direction?
Thanks in advance.
Sample configuration:
version 12.3
!
ip cef
isdn switch-type basic-net3
!
!
!
!
interface ATM0
no ip address
backup interface Dialer2
no ip mroute-cache
no atm ilmi-keepalive
pvc 0/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface BRI0
no ip address
encapsulation ppp
dialer rotary-group 2
dialer-group 1
isdn switch-type basic-net3
!
interface FastEthernet0
description connected to private IP LAN
ip address 192.x.x.x.x.255.0
ip route-cache flow
ip nat inside
speed auto
!
interface Dialer1
description connected to ADSL
ip address 100.1.x.x.x.255.248
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
ppp pap sent-username xxxxx password 7 xxxxxx
ppp ipcp dns request
ppp ipcp wins request
ip nat outside
!
interface Dialer2
description connected to ISDN
ip address 200.1.x.x.255.255.255
encapsulation ppp
ip route-cache flow
dialer in-band
dialer string xxxxxxxxx
dialer hold-queue 10
dialer watch-group 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username xxxxx password 7 xxxxxx
ip nat outside
!
!
!
ip nat inside source static 192.168.0.2 100.1.1.2
ip nat inside source static 192.168.0.3 100.1.1.3
ip nat inside source static 192.168.0.4 100.1.1.4
ip nat inside source static 192.168.0.5 100.1.1.5
ip nat inside source static 192.168.0.6 100.1.1.6
ip nat inside source list 100 interface Dialer2 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer2 10
no ip http server
!
!
access-list 100 permit ip 192.168.0.0 0.0.0.255
dialer watch-list 1 ip x.x.x.x 255.255.255.255
dialer watch-list 1 delay disconnect 10
dialer-list 1 protocol ip permit
!
!
line con 0
line aux 0
line vty 0 4
password 7xxxx
login
--More--
04-09-2004 06:51 AM
You can also use route-map to configure the nat overload.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide