Hi Mark

Are there any software version requirement on C881 to achieve NAT overload configuration on SVI ?

As I know some router Switch port with SVI cannot support NAT overload. 

Thanks.

Matthew

Hi Matthew

that's correct no catalyst switch can perform NAT , but you have a hybrid router/switch more router really with a switch moduke in built so 800 series perform NAT as standard function

No specific ios version required for it to work , there considered smb small business router so these functions are included as basic, things like pbr you would need a high license on it but NAT works out of the box on all level licences

Hi Mark

Can you define the meaning of "IPS" in the reply   "your ips attached to the ports are part of vlan 1 and using ips based in specified in your nat rule list 20"

Do I need to use PBR to set the SVI as the interface out to achieve NAT overload using SVI ?

Thanks a lot.

Matthew

Hi

Can you define the meaning of "IPS" in the reply   "your ips attached to the ports are part of vlan 1 and using ips based in specified in your nat rule list 20"

You have set a list 20 as the acl for the NAT translations , the pcs/devices connected to switch module must be part of that subnet range to be translated , i cant see that acl so i was just saying that to make sure it includes 192.168.0.0/24

Do I need to use PBR to set the SVI as the interface out to achieve NAT overload using SVI ?

No absolutely not it was just an example to show the differences with licenses , nat works as standard on basic license

Hi Mark

Thanks for your detail explaination.

Actually the acl 20 is capturing other subnet

e.g 192.168.5.0/24,192.168.6.0/24

which those network are hosting under the lan network and will be routed to c881 router an need to be nat mapped to lan ip 192.168.0.1

I believe the NAT overload using SVI still work on C881.

Am I correct?

Thanks.

Matthew

Hi

your ip nat inside is set only for vlan 1 from what I see unless you have another vlan for the other 2 subnets with ip nat inside set as well  it will only currently translate for vlan 1 192.168.0.0/24 and any layer 2 port that's assigned to that vlan

if you have multiple vlans then you need to apply it to each vlan interface , so one of your switchports back to your switch would need to be trunk for all vlans or else assign a port to each vlan on your switch module on the router , then have each vlan interface created for each subnet and then apply ip nat inside for each of them

Only the subnets/interfaces with ip nat inside will translate , if that's not applied it wont work for those subnets

This doc shows it for individual ports but your using vlans/svis so ip nat inside must be applied to each , its still a good reference for overload though

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/260-cisco-router-nat-overload.html

Hi Mark

That`s mean i cannot use c881 switch port to nat overload to different subnet from LAN network?

Since 192.168.5.0/24 &192.168.6.0/24 network are not directly connected to c881 and they are routed by a router which connected to c881 lan port, 

To achieve this, should I choose another router with route port as lan port to achieve the nat overload on lan interface?

For your refernce, there is static route for 192.168.5.0/24 and 192.168.6.0/24 with next hop 192.168.0.2 which direct connected to c881 lan port configured on c881 router.

Thanks

Matthew