05-31-2012 01:46 AM - edited 03-07-2019 06:59 AM
hello everyone,
I am facing a problem and i have no idea how to solve it since its is above my current level of expertise so i need some expert assistance here.
I Have a 1841 setup home for my personal ADSL Wireless/Router/ (Lol yes its ubber).
Recentrly i constracted a wireless installation with a mikrotik router on my roof to get access to an urban LAN with a 10.0.0.0/8 range.
My cisco is connected to an ADSL+ interface with a static ip and nated with Dialer1 overload.
Fast0/1 is bridged with my Wifi Interface and provide a 192.168.0.0/24 range for my home network.
Fast0/0 is connected to the mikrotik router with a 10.2.101.0/24 (could be 30 no problem with that since i own the 10.2.101.0/24 urban subnet)
My Dialer1 nat works fine when i access the internet but i fail to access the 10.0.0.0 network from my home clients.
When logged into my cisco all networks are fully accessible.
When Nating the 192.168.0.0 on my mikrotik everything works.
what i need to do is turn of mikrotik nat and make a dual nat on my cisco. I know i cant make that happen with Ip nat and that i need
route-maps but i have no idea how it works since its beyond my knowledge.
Can someone provide some help with this command and how it actually works?
Thanks.
Solved! Go to Solution.
05-31-2012 02:02 AM
Hi,
get rid of your nat overload statement and try this:
access-list 1 permit 192.168.0.0 0.0.0.255
route-map NAT_MIKROTIK permit 10
match ip address 1
match ip next-hop 10.2.201.x where x is the Ip address of the Mikrotik
route-map NAT_DIALER permit 10
match ip address 1
match interface dialer1
ip nat inside source route-map NAT_MIKROTIK interface f0/0
ip nat inside source route-map NAT_DIALER interface dialer1
int f0/0
ip nat outside
you'll need 2 static routes for this:
-your default pointing out dialer1
-the one for the wireless network going to mikrotik next-hop ip.
Regards.
Alain
05-31-2012 02:02 AM
Hi,
get rid of your nat overload statement and try this:
access-list 1 permit 192.168.0.0 0.0.0.255
route-map NAT_MIKROTIK permit 10
match ip address 1
match ip next-hop 10.2.201.x where x is the Ip address of the Mikrotik
route-map NAT_DIALER permit 10
match ip address 1
match interface dialer1
ip nat inside source route-map NAT_MIKROTIK interface f0/0
ip nat inside source route-map NAT_DIALER interface dialer1
int f0/0
ip nat outside
you'll need 2 static routes for this:
-your default pointing out dialer1
-the one for the wireless network going to mikrotik next-hop ip.
Regards.
Alain
05-31-2012 04:03 AM
Thank you alain. I will reconfigure my router as soon as i get back home from work.
I would like to ask a couple of questions if possible though.
1. Is the overload command not needed anymore with route-map?
2. Can i implement static nat with route-map? I have a couple of machines that have static entries to certain ports.
Thanks again.
05-31-2012 04:50 AM
Hi,
1) no when you specify an interface the IOS automatically adds the keyword overload in the config
2) yes you can use route-map with static nat, but what do you want to do exactly ?
Regards.
Alain
06-01-2012 12:34 AM
For example i have the followin lines mapping certain global address ports to different inside addresses ports..
ip nat inside source static tcp 192.168.0.3 25 interface Dialer1 25
ip nat inside source static tcp 192.168.0.10 9091 interface Dialer1 9091
Is that implemented in the same way with route-map?
06-01-2012 04:37 AM
Hi,
I suppose you want the same mappings but through the wireless link ?
If so then you can use the extendable keyword at the end of the static pat entries:
ip nat inside source static tcp 192.168.0.3 25 interface Dialer1 25 extendable
ip nat inside source static tcp 192.168.0.3 25 interface f0/0 25 extendable
Regards.
Alain
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide