cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
521
Views
0
Helpful
3
Replies

NAT of PUBLIC IP in Cisco 800

mannschaft
Level 1
Level 1

Hi All,

i'm running Cisco 800 with 3 public IP that i'v bought from my ISP, 2 are in the same subnet, and the third one is in different subnet.

this is my Network :

LAN ----> Firewall---> Cisco800--->Internet

in the inside i have make a network with the 2 IP adresses that are in the same subnet. in the outside of the router i have configured the third one that is in different classe.

the router can connect to internet, but my LAN can not connect to internet.

i think i have problems in NAT, someone have configured this before ?

Please Help.

Thanks & Regards.

3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

Most likely is your NAT configuration, who is doing NATing the router or your firewall?

If firewall is NATing what type PIX/ASA? can you post sanatized config for firewall.

Rgds

Jorge

Jorge Rodriguez

Hi Jorge,

i have Symantec Firewall, i'm not experiensed with this firewall so another guy will work on it, he is just asking to configure NAT on the router. so at first he will configure on the outside interface of the firewall this kinda IP : 46.250.240.1 and i will configure in the Inside interface of the Router this IP : 46.250.240.2 thos 2 IP are Public and we have bought from our ISP.

at the Outside of the router i will configure this public IP : 46.254.230.80

this IP will serve to connect to internet. as you can see Lan between the router and the firewall is in different subnet as the outside interface of the router. so what can i configure as NAT in the router to make the outside interface of the firewall and the LAN connected to internet.

Thanks in advance.

Ok , what model 800 are u using, I want to see the specs.

LAN-46.250.240.1 <-->46.250.240.2

Then 800Router-outside>46.254.230.80

is the above correct?

on router you would probably have a default route to 46.254.230.x which is upstream ISP router so perhaps you do not need to do the NATing on the router but have the fw do the natting since your fw outside interface has public IP.

I would in fw have a default route pointing to 46.250.240.2, and from fw PAT your inside LAN against your FW outside interface.

Does it makes sence?

Rgds

Jorge

Jorge Rodriguez
Review Cisco Networking for a $25 gift card