12-18-2008 06:23 AM - edited 03-04-2019 12:45 AM
Hi,
how can i config nat in router..using "Only WAN" ip.ISP has blocked entire /28 lan ip due to some span issue....for time being thought of using wan ip for NATing ... can some one help me in configuring the same ...would be very much appreciated ...
thanks in advance
Solved! Go to Solution.
12-18-2008 07:02 AM
You're missing "ip nat out" on your serial interface.
That should fix it.
HTH,
John
*please rate if helpful*
12-18-2008 07:11 AM
Hello Bharthi,
nat translations entries are created based on a traffic
with a PC on net 192.168.0.x try to navigate over the internet
Hope to help
Giuseppe
12-18-2008 06:34 AM
Hello Bharti,
you need to define the lan interface as NAT inside
the wan as nat outside
int f0/0
desc lan
ip nat inside
ip address 10.10.10.1 255.255.255.0
int s0/0
desc wan
ip nat outside
ip address xx.xx.xx.2 255.255.255.252
access-list 11 permit 10.10.10.0 0.0.0.255
ip nat inside source list 11 interface s0/0 overload
the overload keyword allows for PAT
this is enough for basic nat to access the internet
use sh ip nat translations to see the activity of NAT
note:
if you have also advanced requirements like an ipsec tunnel to another site some more tuning is needed
Hope to help
Giuseppe
12-18-2008 06:59 AM
Hi Gui,
Thanks for the update ..i ve done the same config but not able to see any nat transaction ...also see the router config below
XX#s run
!
memory-size iomem 25
ip subnet-zero
ip name-server XX.XX.XX.XX
ip name-server XX.XX.XX.XX
!
!
class-map match-all VOICE_PUBLIC
match access-group 112
class-map match-any SMTP_CLASS
match access-group 111
class-map match-any REST_ClASS
match any
class-map match-any VOICE_CLASS
match ip precedence 5
!
!
policy-map MOD_QOSPOLICY
class VOICE_CLASS
bandwidth percent 20
class SMTP_CLASS
bandwidth percent 20
class VOICE_PUBLIC
bandwidth percent 5
class REST_ClASS
bandwidth percent 30
!
!
!
!
interface FastEthernet0/0
ip address 192.168.0.1 255.255.255.0
ip nat inside
speed auto
!
interface BRI0/0
no ip address
shutdown
!
interface Serial1/0
ip address XX.XX.XX.XX 255.255.255.252
service-policy output MOD_QOSPOLICY
!
ip nat inside source list 11 interface Serial1/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1/0
no ip http server
!
access-list 11 permit 192.168.0.0 0.0.0.255
snmp-server community modely RO
!
modelytics#s ip nat tran
XX#
12-18-2008 07:02 AM
You're missing "ip nat out" on your serial interface.
That should fix it.
HTH,
John
*please rate if helpful*
12-18-2008 07:07 AM
Hi,
Thanks for the hlp it was my misatake ..changed the same but still not showing the same
interface FastEthernet0/0
ip address 192.168.0.1 255.255.255.0
ip nat inside
speed auto
!
!
interface Serial1/0
ip address XX.XX.XX.XX 255.255.255.252
ip nat outside
service-policy output MOD_QOSPOLICY
!
ip nat inside source list 11 interface Serial1/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1/0
no ip http server
!
access-list 11 permit 192.168.0.0 0.0.0.255
snmp-server community modely RO
!
modelytics#
modelytics#
modelytics#s ip nat tran
modelytics#
modelytics#
modelytics#
Lijesh.N.C
12-18-2008 07:11 AM
Hello Bharthi,
nat translations entries are created based on a traffic
with a PC on net 192.168.0.x try to navigate over the internet
Hope to help
Giuseppe
12-18-2008 07:24 AM
Thanks gui its working thans for the valuable supprt ...
Lijesh.Nc
12-18-2008 07:25 AM
Thanks J its working thans for the valuable supprt ...Thanks for poiting the mistake ..i ve rated ..
Lijesh.Nc
12-18-2008 06:35 AM
Example:
int fa0/0
ip address
ip nat out
int fa0/1
ip address 10.1.0.1 255.255.255.0 (private ip)
ip nat in
ip nat inside source list 1 inter fa0/0 overload
access-list 1 permit 10.1.0.0 0.0.0.255
HTH,
John
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide