Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2947
Views
0
Helpful
3
Replies

Using private and public IP addresses without NAT

tcherkon
Level 1
Level 1

‎02-05-2004 11:04 PM - edited ‎03-02-2019 01:24 PM

If a router has one interface with private IP address (e.g. 10.0.0.1) and another with public IP address (e.g. 1.1.1.1) and NAT is NOT enabled on the router, will the router perform routing between those interfaces?

Also, is it possible to turn on and off routing between those interfaces?

(I'd probably test it by myself, but unfortunately I don't have equipment).

Thanks all for answers.

Labels:
0 Helpful
3 Replies 3

jolmo
Level 4
Level 4

‎02-06-2004 03:15 AM

I think if your routing configuration is correct and you DON'T use this router to connect to the public Internet it will work without NAT. About turning off routing between interfaces I think one way to do so is configuring ACLs.

HTH

0 Helpful

oldman
Level 1
Level 1

‎02-06-2004 05:08 AM

1,if you want to connect to the internet,you will use NAT

2,if you want to connect to other layer 3 devices,for example,router or Pix,you will perform routing

Defaultly,router perform routing bewteen derectly interfaces

0 Helpful

hnorvik
Level 1
Level 1

‎02-06-2004 06:53 AM

A router will always route between the interfaces as long as you enable IP routing (the command "ip routing" is enabled by default). It doesn't matter which IP address the interface is configured with - even if you use a mix of private and public.

Assuming that you have more than two interfaces on this router, to avoid routing between between your two interfaces with address 10.0.0.1 and 1.1.1.1, you must define an outgoing ACL on your interface towards the public network. This way your interface with the internal address can continue to talk to the router itself and any of other interfaces. If you have more than one interface with a public address, use the same ACL on all of them.

Note that this is necessary ONLY if your interface with the public address really is connected to the world outside. You may use a mix of private and public addresses internally, but never send a private address out on Internet. Then you must configure and use NAT.

Example:

access-list 1 deny 10.0.0.0 255.0.0.0

access-list 1 permit any

Interface ethernet 0

description external network

ip address 1.1.1.1 255.255.255.0

ip access-group 1 out

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents