Re: NAT in Router 850 - Cisco Community

901

Views

0

Helpful

5

Replies

Hello

I have a Router Cisco 850, with C850 Software (C850-ADVSECURITYK9-M), Version 12.4(4)T7.

I need to do NAT between an IP 19x.xxx.xxx.13 to three IPs: 192.168.210.248, 192.168.210.249 and 192.168.210.250.

I do this configuration:

interface FastEthernet4

ip address 19x.xxx.xxx.13 255.255.255.240

ip nat outside

interface Vlan1

ip address 192.168.210.200 255.255.255.0

ip nat inside

!

ip default-gateway 1xx.xxx.xxx.14

ip classless

ip route 0.0.0.0 0.0.0.0 1xx.xxx.xxx.14

!

ip nat pool pool1 1xx.xxx.xxx.13 1xx.xxx.xxx.13 netmask 255.255.255.240

ip nat inside source list 10 pool pool1 overload

!

access-list 10 permit 192.168.210.250

access-list 10 permit 192.168.210.248

access-list 10 permit 192.168.210.249

When I do:

#sh ip nat statistics

Total active translations: 0 (0 static, 0 dynamic; 0 extended)

Outside interfaces:

FastEthernet4

Inside interfaces:

Vlan1

Hits: 106096 Misses: 6056

CEF Translated packets: 111874, CEF Punted packets: 458

Expired translations: 6187

Dynamic mappings:

-- Inside Source

[Id: 4] access-list 10 pool pool1 refcount 0

pool pool1: netmask 255.255.255.240

start 1xx.xxx.xxx.13 end 1xx.xxx.xxx.13

type generic, total addresses 1, allocated 0 (0%), misses 0

Queued Packets: 0

#sh ip nat translations

(Nothing appear)

If I do a telnet from a remote computer to 1xx.xxx.xxx.13, open the login from this router, and not what I want, an address from list 10.

What I need to do?

Thanks in advanced.

JosÃ© Goncalves

5 Replies 5

First OF all delete the default gateway

no ip default-gateway 1xx.xxx.xxx.14

no access-list 10

access-list 100 permit ip host 192.168.210.248 any

access-list 100 permit ip host 192.168.210.249 any

access-list 100 permit ip host 192.168.210.250 any

access-list 100 deny ip any any

interface vlan1

access-list 100 in

Hope this helps

sorry this must be:

interface vlan1

ip access-group 100 in

Thanks for the answer.

But this doesn't resolve the problem.

I want to use the IP 1xx.xxx.xxx.13 as the external IP to access to the internal (3) hosts.

And the same way, the internal hosts use this IP 1xx.xxx.xxx.13 to communicate to the external computers.

Best regards

Jose Goncalves

With This Configuration you can use The Public IP 1xx.xxx.xxx.13 to communicate to Internet.

If you want to Access your private Addresses from a Public IP you have to make NAT-MAP based on service for example:

ip nat inside source static tcp 192.168.210.248 80 1xx.xxx.xxx.13 80 extendable

This Maps the tcp 80 (or Http) to the 192.168.210.248.

There is no other way you can comunicate from Public to Private Network.

Brgds

Thanks. Now I understand better the problem.

I can use 1xx.xxx.xxx.13 to communicate to 192.168.210.250.

But if want that the three internal IPs use the same IP 1xx.xxx.xxx.13 to communicate to the Internet, how can configure the router?

This is my problem.

Thanks for your patience.

JosÃ© GonÃ§alves

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card