10-26-2011 03:49 PM - edited 03-04-2019 02:04 PM
I have multiple standalone networks on the same IP subnet 192.168.0.0/24. Now I need to tie them all together and I can’t change the existing addresses. What I’d like to do is assign a different public facing subnet to each standalone network and use NAT to map between them. So 10.0.0.0/24 would map to 192.168.0.0/24 on interface G0/1, 10.0.1.0/24 would map to 192.168.0.0/24 on interface G0/2, 10.0.2.0/24 would map to 192.168.0.0/24 on interface G0/3, etc. Interface G0/0 would be the public facing interface. All the hosts on the standalone networks point to 192.168.0.1 for their gateway.
Is it possible to do this on a single catalyst or router? Assigning 192.168.0.1 on multiple interfaces on a single piece of gear doesn’t seem realistic. My fallback would be to use a smaller router for each standalone network and tie them all together. If I could get away with a single larger piece of gear, that would be my preference.
Any help would be much appreciated.
Thanks,
-Daniel
10-31-2011 08:51 PM
Hi Daniel
you can do it on single device but as long as the subnets overlap you will need to use VRF lite
in this case keep the outside interface in the global routing table while the the over lapped interfaces can be put in differnt VRF
and by using NATed VRF you can nat each subnet-per vrf to diffrent global IP
hope this help
if helpful Rate
11-02-2011 04:08 PM
Thanks for the tip on VRF marwanshawi. That seems to be exactly what I need to use. It’s not supported on my 3560-E catalyst, but it is supported on my 2911 router. I’ve been trying to make it work and I’m getting the packets correctly one way, but not the other. Here my (abridged) config:
ip vrf net1
!
ip vrf net2
!
interface GigabitEthernet0/0
ip address 10.0.0.1 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip vrf forwarding net1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip vrf forwarding net2
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip nat inside source static network 192.168.1.0 10.0.1.0 /24 vrf net1
ip nat inside source static network 192.168.1.0 10.0.2.0 /24 vrf net2
!
So, I have laptop A on 10.0.0.20 hooked to interface g0/0 and laptop B on 192.168.1.20 hooked to interface g0/1. When I ping 10.0.1.20 from laptop A, I see the ICMP packet on laptop B with the NATed addresses looking correct (src=10.0.0.20 dst=192.168.1.20). When laptop B tries to respond (src=192.168.1.20 dst=10.0.0.20) it get an ICMP destination unreachable response from the router (192.168.1.1). When I dump the routing table for vrf net1 I get:
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/1
L 192.168.1.1/32 is directly connected, GigabitEthernet0/1
When I dump the global routing table I get:
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/24 is directly connected, GigabitEthernet0/0
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0
This leaves me with a few questions.
Thanks,
-Daniel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide