Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question on NAT

Hi,

I have an issue with the using the NAT which I would like to clarify and here's the scenario.

10.10.10.0 access via int vlan 2

192.168.100.0 - 192.168.110.0 access via int vlan 3

Configuration on the RSM.

interface vlan 1

ip address 192.168.1.1 255.255.255.0

interface vlan 2

ip address 192.168.2.1 255.255.255.0

ip nat outside

interface vlan 3

ip address 192.168.3.1 255.255.255.0

ip nat inside

access-list 150 permit ip 192.168.100.0 0.0.0.255 10.10.10.0 0.0.0.255

ip nat pool test 10.10.100.50 10.10.100.254 netmask 255.255.255.0

ip nat inside source list 150 pool test

Question.

I only wanted devices in the 192.168.100.0 range translated to the IP address in the test pool when accessing devices in 10.10.10.0 network. Will devices in the 192.168.101.0 to 192.168.110.0 networks (without translation) able to access devices in the 10.10.10.0 network or vice versa with the above setup?

TIA.

PF

2 REPLIES
Cisco Employee

Re: Question on NAT

Sure, you haven't specifically denied them access, you've just said, don't NAT them on their way through. You'd need to apply an access-list on the interface that specifically denies the traffic from those other subnets.

New Member

Re: Question on NAT

Gfullage,

Thanks very much for your reply. I can apply this knowledge to my network now...

Thanks.

PF

84
Views
0
Helpful
2
Replies
CreatePlease login to create content