Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2500
Views
0
Helpful
2
Replies

router config and Nat with Public IP

Go to solution
davidfield
Level 3
Level 3

‎06-18-2012 03:47 PM - edited ‎03-04-2019 04:43 PM

Hello All,

I have a task for a config I have not done before. I'm replacing an older 831 and PIX with a Cisco 881 router with Firewall feature set.  The router receives its public IP address dynamically and there is a static public IP range also assigned with a couple of NAT statements on the PIX for a few public IP's

I'm ok with the core router config but the range is where I'm a little stuck.  Current setup is as follows

Internet ---------- Router( Public intf Dynamic IP----internal intf Range IP)Router-------------PIX (outside intf Range IP---------Inside intf private net)Pix-------

As per the aboive the PIX had a public IP address from the range on the outside interface with a default route to the Router inside interface which uses a public range addres.

With my proposed config I've setup the outside interface as dynamic and just created my nat statements for the Range IP's.  I believe I'm correct that I do not need to actually have a Range IP address configured on the router? Can anyone please confirm I'm on the right track (Basic config attached).            

Regards

Dave

    

Labels:
Preview file
60 KB
130012-Basic config.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
medhat elsaeed
Level 1
Level 1
In response to davidfield

‎06-19-2012 06:59 PM

Hi all,

  • I believe I'm correct that I do not need to actually have a Range IP address configured on the router?

Yes, you are correct

But i have a comment on your configuration

ip nat inside source static x.x.x.154 192.168.1.23

ip nat inside source static x.x.x.155 192.168.1.10

ip nat inside source static x.x.x.156 192.168.1.250

ip nat inside source static x.x.x.157 192.168.1.251

Those commands needs to be changed to

ip nat inside source static  192.168.1.23 x.x.x.154

ip nat inside source static 192.168.1.10 x.x.x.155

ip nat inside source static 192.168.1.250 x.x.x.156

ip nat inside source static 192.168.1.251 x.x.x.157

because the inside interfaces is from the subnet 192.168.1.0/24 which you has determined it using the (IP nat inside command)

Regards.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
davidfield
Level 3
Level 3

‎06-18-2012 11:12 PM

Anyone got 5min to coment or give your thoughts?  

Dave

0 Helpful

Go to solution
medhat elsaeed
Level 1
Level 1
In response to davidfield

‎06-19-2012 06:59 PM

Hi all,

  • I believe I'm correct that I do not need to actually have a Range IP address configured on the router?

Yes, you are correct

But i have a comment on your configuration

ip nat inside source static x.x.x.154 192.168.1.23

ip nat inside source static x.x.x.155 192.168.1.10

ip nat inside source static x.x.x.156 192.168.1.250

ip nat inside source static x.x.x.157 192.168.1.251

Those commands needs to be changed to

ip nat inside source static  192.168.1.23 x.x.x.154

ip nat inside source static 192.168.1.10 x.x.x.155

ip nat inside source static 192.168.1.250 x.x.x.156

ip nat inside source static 192.168.1.251 x.x.x.157

because the inside interfaces is from the subnet 192.168.1.0/24 which you has determined it using the (IP nat inside command)

Regards.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card