10-05-2007 11:44 AM - edited 03-03-2019 07:03 PM
Hi all:
I've got a bit of a dilemma that I'm hoping you can help me solve.
I've got a list of outside IP addresses that I'd like to put into a NAT pool. Here's the problem - the pool is currently setup with PAT to a single IP, and I need to expand the pool. The real issue is that I can't use the IPs in line right after it due to them being in use, so I have to grab some from a lower number. How would I go about doing this? My attempts so far have been on a test router (luckily) so I can get to play with this.
My config currently looks like this (on a 2651 router - IP addresses changed):
interface FastEthernet0/0
description To PIX
ip address 10.0.95.9 255.255.255.240
ip nat inside
ip route-cache flow
speed 100
full-duplex
!
!
interface FastEthernet0/1
description INTERNET
bandwidth 10000
ip address 10.0.41.194 255.255.255.224
ip access-group 101 in
ip nat outside
ip route-cache flow
speed 10
full-duplex
ip nat pool TEST 10.0.41.194 10.0.41.194 netmask 255.255.255.224
ip nat inside source list 102 pool TEST overload
access-list 101 permit <hosts>
access-list 102 permit ip any any
access-list 102 permit icmp any any
I realize the overload needs to be removed, and that the ACL will need to be updated, but that's in production at the moment.
I'm looking to use the range 10.0.41.208 - 10.0.41.212 in the second dynamic pool (if I can do it).
Any ideas?
Thanks in advance!
Solved! Go to Solution.
10-08-2007 09:26 PM
Hi,
I've had a look at how we've configured NAT on our router.
One thing I've found is that you can have multiple "address" statements within a NAT pool:
ip nat pool BLAH prefix-length 24
address 192.168.1.1 192.168.1.100
address 192.168.1.200 192.168.14.254
!
In this case, we're not really doing PAT, but 1:1 dynamic natting.
Hope this sparks an idea for you!
- bec
10-08-2007 05:39 AM
Since there are no replies to this, I'm wondering if this is even doable.
Any input is appreciated.
10-08-2007 09:26 PM
Hi,
I've had a look at how we've configured NAT on our router.
One thing I've found is that you can have multiple "address" statements within a NAT pool:
ip nat pool BLAH prefix-length 24
address 192.168.1.1 192.168.1.100
address 192.168.1.200 192.168.14.254
!
In this case, we're not really doing PAT, but 1:1 dynamic natting.
Hope this sparks an idea for you!
- bec
10-09-2007 03:42 AM
Hi Bec,
Thanks for the heads up on that usage! I'll have to try it out and see if I can use it.
Walter
10-09-2007 06:42 AM
Thanks Bec!
That resolved my issue (once I figured my ACL 101 was blocking some IPs I had).
Walter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide