03-24-2023 04:04 AM
Hello,
is it possible to make NAT between two VLAN, and tranlate address from one side to the other and opposite. For example 10.10.10.1 witch comes from vlan 1 transle it to 10.10.20.1. And from the VLAN 2 address 10.10.20.1 translate to 10.10.10.1. Is it possible. Does it will give duplicate addresses? And if it is possible how to make that on subinterfaces.
03-24-2023 04:10 AM - edited 03-24-2023 05:42 AM
.
03-24-2023 08:14 AM
is it possible to make NAT between two VLAN, and tranlate address from one side to the other and opposite. For example 10.10.10.1 witch comes from vlan 1 transle it to 10.10.20.1.
-> yes this is possible
And from the VLAN 2 address 10.10.20.1 translate to 10.10.10.1. Is it possible. Does it will give duplicate addresses?
-> yes this is possible
-> yes you could end up with double addresses
but you could split the range like
10.10.10.1-10.10.10.126-> 10.10.20.1-10.10.20.126
10.10.20.129-10.10.20.254 -> 10.10.10.129-10.10.10.254
And if it is possible how to make that on subinterfaces.
-> just apply the "ip nat inside/outside" command on the subinterface
03-27-2023 02:21 AM - edited 03-27-2023 02:26 AM
Hi, that's how looks my router configuration, we need to test how it works so I made Router on a Stick, with trunk on one port in router with subinterfaces. We connected it to switch and then to PC1 and PC2.
Building configuration...
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/0.412
encapsulation dot1Q 412
ip address 10.10.10.254 255.255.255.0
ip nat enable
!
interface GigabitEthernet0/0/0.512
encapsulation dot1Q 512
ip address 10.10.20.254 255.255.255.0
ip nat enable
!
interface GigabitEthernet0/1/0
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface Vlan1
no ip address
!
interface Vlan412
no ip address
!
interface Vlan512
no ip address
!
ip nat inside source static 10.10.10.1 10.10.20.1
!
!
!
!
!
!
end
I read that if I do this on subinterfaces i need to do command ip nat enable only on both interfaces. My PC1 is 10.10.10.1 and PC2 is 10.10.20.7. I would like to configure NAT so when i ping from PC1 to PC2, I would see in wireshark on PC2 that source address of the ping is not 10.1 but 20.1, so after the translation.
03-27-2023 03:02 AM
make these changes
interface GigabitEthernet0/0/0.412
...
ip nat inside
!
interface GigabitEthernet0/0/0.512
...
ip nat outside
03-27-2023 03:18 AM
Ok, now I change it, what next?
03-27-2023 03:13 AM
Hello
Why?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide