cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
712
Views
0
Helpful
7
Replies

Cisco 1841 nat hide behind each interface with its ip address

themichman
Level 1
Level 1

I have a Cisco 1841, coming from the 10.100.100.0 network, i would like to be natted for the 10.20.1.0 network as i was coming from the 10.20.1.1 interface and for the 10.50.1.0 network as i was coming from the 10.50.1.1

 

thank you

 

 nat.png

 

7 Replies 7

Hello,

 

what do you want to NAT ? Please indicate source (inside) and destination (outside) of what you want to achieve...

10.100.100.1 is the inside (source)

 

10.20.1.1 is outside (destination is the 10.20.1.0 network)

 

10.50.1.1 is outside (destination is the 10.50.1.0 network)

 

 

Hello

 


@themichman wrote:

10.100.100.1 is the inside (source)

 

10.20.1.1 is outside (destination is the 10.20.1.0 network)

 

10.50.1.1 is outside (destination is the 10.50.1.0 network)

 

 


Humm  it very possible but you sure you don't mean the other away around?

if you dont what is the size of the 10.100.100.0 network and do wish 1:1 translation between these two hosts and the your internal network?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

the 10.100.100.0 is only two host network,it just an interconnect from a firewall interface to the router,it represents an interface on a firewall device with other networks.

 

the other networks are client network we need to support, they used to be connected to the firewall as well, but we need the extra interface for expansion, so we decided  to take an old Cisco 1841 that was laying around for the purpose of routing, but we cannot touch the clients equipment , they expect to receive traffic from a specific ip address, thats why the NAT.

 

for example, when i need to access the 10.20.1.0 network, im coming from ,lets say 192.168.0.0 behind the 10.100.100.1 interface, the equipment on the 10.20.1.0 network is expecting traffic from the 10.20.1.1 interface (access list i suppose) but it will see the source address as 192.168.0.10 and not 10.20.1.1 and the same on the 10.50.1.0 network, thats way we need the NAT on the Cisco for both networks

Hello

now that is clear - how do wish this this to be done in terms of the translation-

 

Exmaple:

1:1 translation 

192.168.0.10 - 10.20.0.1

192.168.0.11 - 10-50.0.1

 

or 

dynamically  for certain protocol ports etc

192.168.0.0 tcp 80 - 10.20.0.1

192.168.0.0 udp 53 - 10.50.0.1

 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

similar to 1:1 but not exactly

 

for example if a random client on the 192.168.0.0 network want to access the 10.20.1.0 network

 

192.168.0.123 - > nat 10.20.1.1

 

and another client 192.168.0.222 want at the same time access the same network

 

192.168.0.222 -> nat 10.20.1.1

 

and also at the same time another client 192.168.0.96 want to access the 10.50.1.0 network

 

192.168.0.96 -> nat 10.50.1.1

Hello

You dont need to use the 10.100.100.0 subnet if you are using the 192.168.0.0 network that is unless you wish to?

Example:

 

1841 rtr
int fe0/0
ip nat inside
ip address 192.168.0.1 255.255.255.0

int vlan 2
ip address 10.20.1.1 255.255.255.0
ip nat outside

int vlan 3
p address 10.50.1.1 255.255.255.0
ip nat outside

 


access-list 10 permit 192.168.0.0 0.0.0.255

route-map vlan2 permit 10
match ip address 10
match interface vlan2

 

route-map vlan3 permit 10
match ip address 10
match interface vlan3

ip nat inside source route-map vlan2 interface vlan2 
ip nat inside source route-map vlan3 interface vlan3







Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Review Cisco Networking for a $25 gift card