Cisco Support Community
Community Member

2611, NAT on separate interfaces, FW/IDS

Is it possible to enable NAT on one interface but not another? I have a T1 coming in a serial WIC s0.

I have two ethernet interfaces. One has a public IP address and there is a cable that goes to a firewall. Firewall is doing NAT. LAN's def gateway is the firewall.

For the purposes of testing the Cisco IOS FW/IDS feature set I'd like to know if I can enable NAT on just the second ethernet interface and plug that into my internal LAN switch. The testing PCs would point to the second ethernet interface as their default gateway instead of the firewall.

The purpose of all this is to practice some IOS commands without buying a separate router.




Re: 2611, NAT on separate interfaces, FW/IDS

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center ( or speak with a TAC engineer. You can open a TAC case online at

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

CreatePlease to create content