Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
741
Views
0
Helpful
7
Replies

Multiple NAT

edw
Level 1
Level 1

‎10-27-2006 03:44 AM

Hi,

I have a 2800 router with seven interfaces. I have one which is outside interface. I have another which is inside to my internal network. I have one more at present which is setup on vlan for public events. IE I keep them seperate. I can get Nat working from inside to outside. I can ping from internal network to public vlan and back.

But I can't figure out how to get NAT running for the public vlan.

!

interface FastEthernet0/0

description OUTSIDE

ip address 210.30.180.x 255.255.255.248

ip nat outside

duplex auto

speed auto

!

interface FastEthernet0/1

description INSIDE

ip address 192.168.1.195 255.255.255.0

ip nat inside

duplex full

speed auto

!

interface Vlan10

ip address 10.10.10.1 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 210.30.180.x permanent

!

interface FastEthernet0/0/3

switchport access vlan 10

ip nat pool IntOut 210.30.180.x 210.30.180.x netmask 255.255.255.0

ip nat pool Public 210.30.180.x 210.30.180.x netmask 255.255.255.0

ip nat inside source list 150 pool IntOut overload

ip nat inside source list 151 pool Public overload

access-list 150 permit ip 192.168.1.0 0.0.0.255 any

access-list 151 permit ip 10.10.10.0 0.0.0.255 any

Any pointers or ideas????

Thanks

Ed

Labels:
0 Helpful
7 Replies 7

lgijssel
Level 9
Level 9

‎10-27-2006 04:06 AM

Try to add "ip nat inside" to your interface vlan 10.

Regards,

Leo

0 Helpful

edw
Level 1
Level 1
In response to lgijssel

‎10-27-2006 04:14 AM

yep already done this - still no joy ;(

0 Helpful

lgijssel
Level 9
Level 9
In response to edw

‎10-27-2006 04:18 AM

1: Already tried using standard acl's to specify nat sources?

2: Check the mask on the pool statements: shouldn't this be 255.255.255.255 instead?

Regards,

Leo

0 Helpful

edw
Level 1
Level 1
In response to lgijssel

‎10-27-2006 04:33 AM

Okay - I tired the 255.255.255.255 route but no joy - plus the 255.255.255.0 is working for the inside to outside interfaces fine.

I could try standard acl but the thing is the same nat setup is working for the inside to outside interfaces - so Im thinking there is something different I have to do to a vlan interface...

0 Helpful

edw
Level 1
Level 1
In response to lgijssel

‎10-27-2006 04:54 AM

Okay - I tired the 255.255.255.255 route but no joy - plus the 255.255.255.0 is working for the inside to outside interfaces fine.

I could try standard acl but the thing is the same nat setup is working for the inside to outside interfaces - so Im thinking there is something different I have to do to a vlan interface...

0 Helpful

lgijssel
Level 9
Level 9
In response to edw

‎10-27-2006 08:17 AM

VLAN interfaces are not special. This case appearently requires some troubleshooting. Check for example what happens when you disable nat on the working interface.

Also, it should undoubtedly work when you are using a single translation for both interfaces. This requires merging both access lists and appply nat to it.

BTW: what platform and IOS version are you using for this?

Regards,

Leo

0 Helpful

edw
Level 1
Level 1
In response to lgijssel

‎10-27-2006 02:55 PM

Hi,

Okay that makes sense, I thought so just wanted to double check. Its 2811 with IOS 12.4T.

Ill give it some more thought now I know Im on the right foot.

0 Helpful
Customers Also Viewed These Support Documents