Re: NAT interface accessibility

tomrayjr · ‎10-20-2010

I have a router with the following 2 interfaces:

interface Vlan1
description "192_Network"
ip address 192.168.1.253 255.255.255.0
ip nat inside
ip virtual-reassembly

interface FastEthernet4
description "172_Network"
ip address 172.16.1.253 255.255.255.0
ip mask-reply
ip nat outside
ip virtual-reassembly
no cdp enable

The NAT statement we use so specific traffic from 192 gets translated to 172:

ip nat inside source static 192.168.1.1 interface FastEthernet4

NAT works fine and has no issues. The problem is FastEthernet4 (172.16.1.253) is my switch management IP as well, and I can no longer ssh into the interface on my LAN to manage the switch. Any ideas?

Jon Marshall · ‎10-20-2010

Do you get to the fa4 interface via vlan 1 ?

Jon

tomrayjr · ‎10-20-2010

No, FE4 is connected directly to our inside switched network, while the VLAN1 interface connects to another entity.

Jon Marshall · ‎10-20-2010

Then i can't see why this wouldn't work. If you had a static NAT statement i could understand. If i get the chance i'll lab it up and see what happens.

Jon

tomrayjr · ‎10-20-2010

It is a static NAT.

ip nat inside source static 192.168.1.1 interface FastEthernet4

mrdogantr · ‎10-20-2010

hi,

you can use fallowing config and access router on secondary ip .

interface FastEthernet4
description "172_Network"
ip address 172.16.1.253 255.255.255.0

ip address 172.16.1.252 255.255.255.0 secondary

ip nat outside

ip nat inside source static 192.168.1.1 172.16.1.253

Regards,

Muammer