1 to 1 NAT thru tunnel and 1 to Many NAT to Interne from same Lan IP space?

jerry.roy · ‎08-15-2005

I need to know if it is possible to Nat out 2 interfaces on a 831 with Split tunneling using same lan space. I have hundreds of branch offices that need one to one nat via tunnel (unique space in tunnel, same space on lan of each branch, they do not want to renumber). I will have a lan, wan and tunnel interface. I need to have one to one mappings from unique space from tunnel to get to workstations on lan for support of workstations. BUT, I also need to allow all lan workstations to get to internet via default gateway via nat. Can this be done?

See attached gif image.

kamlesh.sharma · ‎08-15-2005

Yes you can nat to two different interface just use route map to set the next hope for them

ip nat pool tunnel 172.16.0.0 172.16.0.255 prefix-length 24

ip nat inside source route-map internet interface fastethernet0/1 overload

ip nat inside source route-map via_tunnel pool tunnel

!

access-list 101 permit

access-list 102 deny any

access-list 102 permit any any

!

route-map internet permit 10

match ip address 102

set interface fastethernet0/1

!

route-map via_tunnel permit 10

match ip address 101

set interface tunnel0

!