Getting NAT correct on a 6509

poirot1967 · ‎03-12-2007

I need a little NAT advice. I am routing between 2 internal vlans, 192.168.32.0/24 and .64/24. I need to NAT these 2 vlans to the outside/public vlan 165.x.x.x. Here is the config I have come up wth :

ip nat pool niscpool 165.x.x.105 165.x.x.105 prefix 24

access-list 1 permit 192.168.32.0 0.0.0.255

access-list 1 permit 192.168.64.0 0.0.0.255

ip nat inside source list 1 pool niscpool overload

interface vlan 1

ip nat outside

interface vlan 3

ip nat inside

interface vlan 4

ip nat inside

Will this work? Any suggestions?

TIA

ssoberlik · ‎03-16-2007

If you are planning to implement NAT with Cat6509 supervisor itself, then you cannot go for 2 inside interfaec. Cisco IOS does not allow that configuration.

Refer to http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca75b.html#wp1003513

But you can implement this scenario with Firewall module FWSM.

You can configure multiple SVIs to be part of the 'inside' interface.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080577c7f.html#wp1176033

Jon Marshall · ‎03-16-2007

Hi

Is this a limitation of the 6500 or the IOS.

As far as i am aware there is nothing to stop you applying the "ip nat inside" statement to more than one interface in IOS.

Jon