Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2022
Views
0
Helpful
4
Replies

NAT Multiple LANs

Yacine BS
Level 1
Level 1

‎12-05-2018 01:39 AM

Hello,

Can we NA multiple LANs on the same router going out the same interface and having the same IP addresses?

 

For example:

For the case in the design below, how can we do it without using VRFs?

image.pngThanks,

Labels:
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎12-05-2018 04:10 AM

In short yes it is possible, what kind of device is this ?, make sure you have good head room to process so many NAT rules.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Yacine BS
Level 1
Level 1
In response to balaji.bandi

‎12-05-2018 05:04 AM

Hello,

 

Basically this should work on ISR 4300 or ISR 800,

can you elaborate more on how can this be done?

 

Thanks,

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Yacine BS

‎12-06-2018 12:54 AM

Another note, if you do not have requirement of /8 /16  then you need to be use specific to subnet rather a super net.

suggestion is to look forward to have specific subnet to add in ACL and do NAT.

if you looking to NAT /8 /16 /24 the device not good enough in terms of resources.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

David Castro F.
Spotlight
Spotlight

‎12-05-2018 07:15 PM

Hello Yacine,

 

I hope you are doing great,

 

Yes you can do this "IF the subnets do not overlap to each other, per say host 10.0.0.15 on sw1 and on sw4 10.0.0.15" this could cause a ARP issue in the router, and the only way to make it work is with VRFs and then NAT.

 

Now if the subnets in the diagram are just the internal VLANs in your network then there is not problem, you can do this on any router from ISR 4300- ISR G2 which are EoL, the 800 series and so on. 

 

If you want to NAT all those subnets to one IP address this is called PAT(Port Address translation), you will need to create an ACL to classify those internal subnets and the use the interface that has the IP address that you want them to be NATTed.

 

1. Create standard ACL with the internal subnets:

access-list 1 permit 10.0.0.0 0.255.255.255

access-list 1 permit 172.16.0.0 0.0.255.255

access-list 1 permit 192.168.0.0 0.0.0.255

 

2. create the NAT command:

 

ip nat inside source list 1 interface fastethernet 0/1 overload

 

3. Place the "ip nat inside" in the interface where the private subnets are ingressing to the router for this deployment I would guess you would have many sub-interfaces "router on a Stick":

For example:

interface fastethernet 0/0.10

  encapsulation dot1q 10

  ip address 10.0.0.1 255.0.0.0

  ip nat inside

 

Then you do the same for the other subnets.

 

4. Place the "ip nat outside" in the egress interface:

 

interface fastethernet 0/1

  ip nat outside

 

Now if you want to do it per subnet you will need to use ip nat pools, but follows the same logic, let me know if this helped and if you have any other doubt,

 

Please proceed to rate all helpful posts and mark as correct if this answered your query!

 

David Castro,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents