Subinterface nat/pat on router

sushil
Level 1

Curious to know whether it is possible to NAT/PAT on Cisco routers.

Following is the scheme.

E0: a.b.c.d/28, it is a public interface.

Now E1: will be internal with subinterfaces.

Like E1/0.1- 192.168.10.1/24

and E2/0.2- 172.20.40.1/16

Is it possible to allow these networks to NAT/PAT with the public interface?

If yes, how? Here I want to allow internet on these two different subnets.

Thanks in Advance.

Reg,

Sushil

Accepted Solutions

Jon Marshall
Hall of Fame

Sushil

Yes, you can NAT on subinterfaces.

int e0

ip nat outside

int e1/0.1

ip nat inside

int e2/0.2

ip nat inside

access-list 101 permit ip 192.168.10.0 0.0.0.255 any

access-list 101 permit ip 172.20.0.0 0.0.255.255 any

ip nat inside source list 101 interface e0 overload

Jon
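
Added example, not part of Jon's post: a small Python check of which inside source addresses access-list 101 selects for PAT, using the two wildcard masks from the configuration above. The host addresses and the malformed entry are constructed samples, and the parser (hypothetical helper names) handles only the `SRC WILDCARD DST` form used in this thread.

```python
import ipaddress

# The two NAT-selection entries from the thread, each with an explicit destination.
ACL_101 = [
    "access-list 101 permit ip 192.168.10.0 0.0.0.255 any",
    "access-list 101 permit ip 172.20.0.0 0.0.255.255 any",
]

def parse_ace(line):
    """Parse 'access-list N permit|deny ip SRC WILDCARD DST'.
    DST must be 'any' or 'ADDR WILDCARD'; an extended entry needs both halves."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list" or tok[3] != "ip":
        raise ValueError(f"unsupported entry: {line!r}")
    action, src, wild, dst = tok[2], tok[4], tok[5], tok[6:]
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {line!r}")
    if dst != ["any"] and len(dst) != 2:
        raise ValueError(f"missing or malformed destination: {line!r}")
    return action, int(ipaddress.IPv4Address(src)), int(ipaddress.IPv4Address(wild))

def is_translated(acl_lines, ip):
    """True if the source IP is permitted by the ACL and so selected for NAT.
    Wildcard bits set to 1 are 'don't care'; all other bits must equal SRC."""
    aces = [parse_ace(line) for line in acl_lines]
    addr = int(ipaddress.IPv4Address(ip))
    for action, src, wild in aces:
        if ((addr ^ src) & ~wild & 0xFFFFFFFF) == 0:
            return action == "permit"   # first match wins
    return False  # implicit deny: the source is not selected for translation

if __name__ == "__main__":
    # Constructed inside hosts: two inside the listed subnets, two just outside.
    for host in ("192.168.10.25", "172.20.200.7", "192.168.11.1", "172.21.0.5"):
        verdict = "PAT to e0" if is_translated(ACL_101, host) else "not translated"
        print(f"{host:15} {verdict}")
    # Constructed malformed entry (no destination) is rejected by the parser.
    try:
        parse_ace("access-list 101 permit ip 10.0.0.0 0.255.255.255")
    except ValueError as err:
        print("rejected:", err)
```

Running it shows that only sources inside 192.168.10.0/24 and 172.20.0.0/16 are selected for translation, which is a quick way to confirm the NAT ACL is no broader than intended before it goes on the router.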

It solved my problem. Thank you.

Hi to all. I know that this thread is pretty old, but I'll try again to explain my problem.

First of all, I had the same question and Jon's answer was very helpful.

Actually, my question is different. In the same situation, may I nat the private networks using an IP that isn't the one of the e0 interface?

I've a /29 public range (a.b.c.192/29). My e0 IP address is the 193 and I would like to use the remaining addresses for the NAT overload. The reason is that I need to nat around 1200 users (managed with 2 vlans) with my 2821 and I don't know what could happen with just a single IP.

Yes, I know, more likely the system resources of my router will end first, but I'd like to know if there's a solution to my question.

I tried to apply a variation of Jon's solution.

I did as he said until the source list, then I defined a NAT-pool using 3 of the remaining public IPs and then I used the pool as follows:

ip nat inside source list 101 pool NAT-POOL overload

but it didn't work. Where is the problem?

Thank you