
Many-to-One NAT configuration

Daniel Anderson
Level 1

Trying to configure a many-to-one NAT on a Cisco 3845 router running 12.4-7 IOS. I've configured:

ip nat pool Temp 10.11.12.13 10.11.12.13 netmask 255.255.255.255

ip nat inside source list 20 pool Temp overload

!

access-list 20 remark NAT Traffic

access-list 20 permit 10.10.0.0 0.0.255.255

access-list 20 permit 10.20.0.0 0.0.255.255

With the above configuration I'm trying to get all traffic from 10.10.0.0/16 & 10.20.0.0/16 NAT'd to 10.11.12.13. My only concern is that whilst configuring the NAT pool, when I specify the /32 netmask, I receive an error specifying the netmask is too large. Should I be using a different netmask, even though I've specified the start and end addresses as the same?

I've not yet had time to build the above configuration in the lab. Would some NAT experts be able to share their knowledge?

Thanks
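The configuration in the question, modelled as an added example that is not part of the original post: it evaluates access-list 20 with wildcard-mask semantics and keeps an overload (PAT) table for the single address 10.11.12.13. The port allocation (keep the source port if free, otherwise take the next free one) is a simplified assumption, not IOS's exact algorithm, and the function and class names are hypothetical.

```python
import ipaddress

# Config lines copied from the question; the flows used to exercise it are constructed.
CONFIG = """\
ip nat inside source list 20 pool Temp overload
access-list 20 remark NAT Traffic
access-list 20 permit 10.10.0.0 0.0.255.255
access-list 20 permit 10.20.0.0 0.0.255.255
"""
INSIDE_GLOBAL = "10.11.12.13"  # the single pool address from the question


def parse_acl(config, number):
    """Return (action, base, wildcard) integer entries of a standard ACL."""
    entries = []
    for line in config.splitlines():
        words = line.split()
        if words[:2] != ["access-list", str(number)] or words[2] == "remark":
            continue
        base, wildcard = (int(ipaddress.IPv4Address(w)) for w in words[3:5])
        entries.append((words[2], base, wildcard))
    return entries


def acl_permits(entries, src):
    """First match wins; wildcard 1-bits are ignored; implicit deny at the end."""
    addr = int(ipaddress.IPv4Address(src))
    for action, base, wildcard in entries:
        if (addr & ~wildcard) == (base & ~wildcard):
            return action == "permit"
    return False


class Pat:
    """Simplified overload table (assumption): keep the source port if free."""

    def __init__(self, acl):
        self.acl, self.table, self.used = acl, {}, set()

    def translate(self, src, sport):
        if not acl_permits(self.acl, src):
            return (src, sport)  # not matched by list 20: left untranslated
        if (src, sport) not in self.table:
            port = sport
            while port in self.used:  # port already taken by another inside host
                port = port + 1 if port < 65535 else 1024
            self.used.add(port)
            self.table[(src, sport)] = port
        return (INSIDE_GLOBAL, self.table[(src, sport)])
```

Sources outside 10.10.0.0/16 and 10.20.0.0/16 fall through to the implicit deny and are not translated, which is worth checking whenever the NAT list is widened.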

10 Replies

mahmoodmkl
Level 7

Hi

You need to enter the correct mask which is given to you.

And have you configured the proper NAT statements under the interfaces, i.e. ip nat inside and ip nat outside?

Thanks

Mahmood

rajeshk200_2
Level 1

Hi ,

If only one IP address has to be used for translation, then you can configure it without the nat pool command:

ip nat inside source list 20 10.11.12.13 overload

HTH

Regards,

Rajesh

Thanks for the responses

'ip nat inside source list 20 10.11.12.13 overload' is not configurable as a command; after entering source list 20, I can only configure interface or pool afterwards.

With regard to the netmask configured on the pool command, I've currently configured it with a /32, which kicks up an error. Should I be using /8 or /24?

Thanks

Try /31

rtaulton
Level 1

You cannot configure a 32-bit mask. Use a smaller mask and you will be okay. It will not affect your NAT.

senthilmds
Level 1

Hi

Be specific about your NAT outside interface, whether it is one or two interfaces. As your inside interface is class B /16, use the below command:

ip nat pool test 10.11.12.13 10.11.12.13 netmask 255.255.0.0

Thanks

leonard.kasneci
Level 1

Try the following config:

interface loopback 1

ip address 10.11.12.13 255.255.255.255

ip nat outside

ip nat inside source list 20 interface loopback 1 overload

Leonard

rawatmohinder
Level 1

Hi Daniel...

If you want to use two public IP addresses, then the commands will be like this...

ip nat pool Temp 10.11.12.13 10.11.12.14 netmask 255.255.0.0

ip nat inside source list 20 pool Temp overload

!

access-list 20 remark NAT Traffic

access-list 20 permit 10.10.0.0 0.0.255.255

access-list 20 permit 10.20.0.0 0.0.255.255

Second, if you want to go with a single public IP address...

Then the commands are...

ip nat inside source list 20 interface serial 1 overload

!

access-list 20 remark NAT Traffic

access-list 20 permit 10.10.0.0 0.0.255.255

access-list 20 permit 10.20.0.0 0.0.255.255

Give your public IP on the serial 1 interface...

Hope it helps...

Rate the post if you find it useful...

Thanks

Mahi

The commands to NAT to one IP are not so clear. Could you please share the commands again?

Hello

If you wish to NAT to a single-host pool, then you need to specify the correct subnet mask that the public IP resides in, which obviously won't be a /32 address, as it will be connected to your next-hop device.

ip nat pool Temp 10.11.12.13 10.11.12.13 netmask 255.255.255.255

10.11.12.13 10.11.12.13 netmask 255.255.x.x


ip nat inside source list 10 pool Temp

The other alternative is to specify the interface instead of a pool.

ip nat inside source list 20 interface x/x


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul