08-12-2007 11:05 AM - edited 03-03-2019 06:18 PM
I'm trying to work out what this config is achieving, this is a config from an 1841 that links to a LAN (LAN port) and a 1811 router (outside port) on a remote network.
Why is there a NAT that starts and ends on the same range?
interface FastEthernet0/0
description *** LAN INTERFACE ***
ip address 192.168.8.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
description ** OUTSIDE INTERFACE TO 1811 Router **
ip address 10.152.1.226 255.255.255.224
ip nat outside
duplex auto
speed auto
!
ip classless
ip route 170.x.x.0 255.255.0.0 10.152.1.225
ip route 192.168.8.0 255.255.255.0 192.168.8.254
!
ip http server
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat pool Servers 10.152.1.230 10.152.16.230 netmask 255.255.255.224
ip nat inside source list 103 pool Servers overload
!
access-list 103 remark Servers
access-list 103 permit ip 192.168.8.0 0.0.0.255 170.30.0.0 0.0.255.255
I Hope you can explain this config for me.
08-12-2007 11:10 AM
>Why is there a NAT that starts and ends on the same range?
_____________
Because you want to 'overload' on just that one IP, in other words, PAT the entire network out to the internet just like you would do with the interface overload command.
Based in your netmask, you were allocated a group of 30 addresses and you are using .226 and .230 at the moment. Perhaps, there are plans to use .227-229 and .231-254 for other purposes such as static NAT for servers/services.
BTW, you have a typo on the pool - 3rd octect should be 1 not 16.
08-12-2007 11:25 AM
So that overload pats all the lan traffic to a single IP?
08-12-2007 11:32 AM
No, on 4080 because the mistake that Edison has spotted :)
08-12-2007 12:23 PM
He is correct it should be a 1, so its a Pat to a single addesses?
08-12-2007 11:32 AM
Correct, in your case only when the source is 192.168.8.0/24 and the destination is 170.30.0.0/16
All other traffic isn't translated
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide