06-16-2010 10:39 AM - edited 03-04-2019 08:48 AM
Hey everyone,
Until today, I've had a single static IP address to the outside world, using NAT for internal machines.
interface GigabitEthernet0/0
description EXTERNAL
ip address 68.65.214.18 255.255.255.248
ip nat outside
!
interface GigabitEthernet0/1
description INTERNAL
ip address 192.168.0.1 255.255.252.0
ip nat inside
!
ip nat inside source list 15 interface GigabitEthernet0/0 overload
access-list 15 permit 192.168.0.0 0.0.255.255
ip default-gateway 68.64.214.17
Today we've upgraded our line and obtained an additional subnet from our ISP: 216.242.39.128/27. I'd like to utilize the additional block for dynamic NAT translation. Can anyone point me in the right direction?
Thanks!
Ben
(By the way, this is for a Cisco 2821.)
10-12-2023 09:07 PM - edited 10-12-2023 09:08 PM
Hello @CentrepathNCC_2
My questions are:
1) How do I configure two NAT pools, one for each ISP?
2) How do you configure the router to use the NAT pool for ISPa when ISPa service is available?
3) How do you configure the router to use the NAT pool for ISPb when ISPa peering fails and I'm no longer receiving a default route (and the floating static will be used)?
@bowo
Could you show me a config sample for these multiple IP pools bound using a route map?
I have a similar problem with a single ISP interface with 2 public IP segments that need to be NATed.
The below should allow NAT failover from the primary ISPa to the secondary ISPb as/when IP SLA reachability via your primary WAN interface fails, which is polling that external IP address.
Also it should negate IP SLA tracking from re-establishing if the same polled external IP then becomes reachable via ISPa sourced from your primary WAN interface.
ISP Nat with dual links, Primary/secondary
ip sla 1
icmp-echo 8.8.8.8 source-interface <ISPa interface>
ip sla schedule 1 life forever start-time now
track 1 rtr 1 reachability
access-list 101 permit icmp host <ISPa interface> host 8.8.8.8 echo
route-map ipsla
match ip address 101
set ip next-hop (next hop of ISPa interface)
set interface null0
ip local policy route-map ipsla
ip route 0.0.0.0 0.0.0.0 <ISPa interface> x.x.x.x 1 name Primary track 1
ip route 0.0.0.0 0.0.0.0 <ISPb interface> y.y.y.y 200
ip access-list extended 100
permit ip 192.168.0.0 0.0.0.255 any
route-map LAN permit 10
match ip address 100
match interface <ISPa interface>
route-map LAN2 permit 10
match ip address 100
match interface <ISPb interface>
ip nat inside source route-map LAN interface <ISPa interface> overload
ip nat inside source route-map LAN2 interface <ISPb interface> overload
ip nat service enable-sym-port (IOS software only)
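The pool-based form that the first post and the route-map question ask about, as an added example that is not part of any post in this thread. It assumes the ISP routes 216.242.39.128/27 to the router's outside address; the pool names NAT_ISPA and NAT_ISPB and the bracketed ISPb values are hypothetical placeholders.

```cisco
! Added example. Pool names are hypothetical; <...> values are placeholders.
!
! --- Single ISP, extra routed block (first post) ---
! Usable hosts of 216.242.39.128/27 are .129 through .158.
ip nat pool NAT_ISPA 216.242.39.129 216.242.39.158 prefix-length 27
!
! A dynamic rule with live translations cannot be removed, so from exec mode
! run "clear ip nat translation *" first, then in config mode swap the
! interface-overload rule for the pool. "overload" keeps port translation,
! so the 30 pool addresses are shared by all inside hosts matched by list 15.
no ip nat inside source list 15 interface GigabitEthernet0/0 overload
ip nat inside source list 15 pool NAT_ISPA overload
!
! --- Dual ISP, one pool per link (reuses route-maps LAN / LAN2 above) ---
! Use these in place of the list-15 rule and the interface-overload rules.
! Each route-map matches on the egress interface, so the pool follows
! whichever default route is currently installed.
ip nat pool NAT_ISPB <first ISPb address> <last ISPb address> prefix-length <ISPb prefix length>
ip nat inside source route-map LAN pool NAT_ISPA overload
ip nat inside source route-map LAN2 pool NAT_ISPB overload
!
! Verify from exec mode:
!   show ip nat translations
!   show ip nat statistics
```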