Solved: NAT question

WallaceVanDunk1494 · ‎09-16-2019

I just bought myself a 7206VXR for my home lab. This is replacing a typical home router, but I'm curious about the NAT configuration

Say the interface that connects to the ISP is x.x.x.x

The interface that connects to the house is 192.x.x.x

So I have a core switch that this router will connect to which has SVI's for 10.5.5.x, 10..5.6.x and 10.5.7.x. Those are trunked to access switch and then go out to various virtual servers, file servers, etc.

I just want to verify the NAT configuration.

I think I can do this with an ACL on the new 7206VXr which will be my new edge router. Here's what I am planning

ip access-list standard NAT

permit 10.5.5.x 0.0.0.255

permit 10.5.6.x 0.0.0.255

permit 10.5.7.x 0.0.0.255

permit 192.x.x.x 0.0.0.255

int g0/0/0

ip nat outside

int g0/0/1

ip nat inside <-- this being the 192.x.x.x that is going to serve the majority of the house outside of the lab, including WiFi

ip nat inside source list NAT interface g0/0/0 overload

Will this work, or am I missing something?

Thanks in advance!

Georg Pauwen · ‎09-16-2019

Hello,

the configuration looks fine and should work...

View solution in original post

Georg Pauwen · ‎09-16-2019

Hello,

the configuration looks fine and should work...

Francesco Molino · ‎09-16-2019

Hi

This should work. Don't forget the default route on your switch to point to your router 192.168.x.x.
This also means that you will need a svi in this 192.168 subnet on your switch to communicate with your router to access internet.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

luis_cordova · ‎09-16-2019

Hi @WallaceVanDunk1494 ,

I think that a default route to take packets from your LAN abroad would be missing on your router:

ip route 0.0.0.0 0.0.0.0 g0/0/0

Regards