cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Bookmark
|
Subscribe
|
971
Views
0
Helpful
5
Replies

NAT interface accessibility

tomrayjr
Level 1
Level 1

I have a router with the following 2 interfaces:

interface Vlan1
description "192_Network"
ip address 192.168.1.253 255.255.255.0
ip nat inside
ip virtual-reassembly

interface FastEthernet4
description "172_Network"
ip address 172.16.1.253 255.255.255.0
ip mask-reply
ip nat outside
ip virtual-reassembly
no cdp enable

The NAT statement we use so specific traffic from 192 gets translated to 172:

ip nat inside source static 192.168.1.1 interface FastEthernet4

NAT works fine and has no issues. The problem is FastEthernet4 (172.16.1.253) is my switch management IP as well, and I can no longer ssh into the interface on my LAN to manage the switch. Any ideas?

5 Replies 5

Jon Marshall
Hall of Fame
Hall of Fame

Do you get to the fa4 interface via vlan 1 ?

Jon

No, FE4 is connected directly to our inside switched network, while the VLAN1 interface connects to another entity.

Then i can't see why this wouldn't work. If you had a static NAT statement i could understand. If i get the chance i'll lab it up and see what happens.

Jon

It is a static NAT.

ip nat inside source static 192.168.1.1 interface FastEthernet4

mrdogantr
Level 1
Level 1

hi,

you can use fallowing config and access router on secondary ip .

interface FastEthernet4
description "172_Network"
ip address 172.16.1.253 255.255.255.0

ip address 172.16.1.252 255.255.255.0 secondary

ip nat outside

ip nat inside source static 192.168.1.1 172.16.1.253

Regards,

Muammer