Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP Nat Problem 1

Status
Not open for further replies.
fnkylinguist

fnkylinguist

IS-IT--Management
Joined
Aug 24, 2004
Messages
9
Hell All,

I have a problem configuring NAt on my interfaces. This is our setup:

FastEthernet 0/0 192.168.10.1
FastEthernet 0/1 68.x.x.8
Serial Interface No address
Serial Subinterface 0/0.1 64.x.x.1
Serial Subinterface 0/0.2 199.x.x.1
Serial Subinterface 0/0.3 112.x.x.1

We are using nat on the Ethernet Interfaces and now need to use nat on the serial interfaces so that traffic leaving those sub interfaces will appear to be coming from those sub interfaces.

How do I do this????????????????

When I route traffic to those interfaces the traffic comes from the originating address. I.E. 192.168.10.2....

When I add a ip nat outside to the interfaces, the traffic is translated to my fastethernet 0/1 address.

Is there a way to resolve this???????????????????????

Please help anyone.
 
Sort by date Sort by votes
you need to use route-map for the nat statement like this:

route-map FE1 permit 10
match interface f0/1
route-map SE1 permit 10
match interface s0/0.1
route-map SE2 permit 10
match interface s0/0.2
route-map SE3 permit 10
match interface s0/0.3
!
ip nat inside source route-map FE1 interface f0/1 overload
ip nat inside source route-map SE1 interface s0/0.1 overload
ip nat inside source route-map SE2 interface s0/0.2 overload
ip nat inside source route-map SE3 interface s0/0.3 overload
!

And of course you must have some ways to forward certain traffics to specific interfaces either by dynamic routing protocols or by using policy routing. If you want to implement policy routing, then you need this:

ip access-list extended host1
permit ip host a.b.c.d any
ip access-list extended host2
permit ip host e.f.g.h any
ip access-list extended host3
permit ip host w.x.y.z any
!
route-map host123 permit 10
match ip address list host1
set ip next-hop s0/0.1
route-map host123 permit 20
match ip address list host2
set ip next-hop s0/0.2
route-map host123 permit 30
match ip address list host3
set ip next-hop s0/0.3
!
int f0/0
ip policy route-map host123
!

If you have a default route pointing to f0/1, then this policy routing will force the traffic from host1 to s0/0.1 as outbound interface, host2 to s0/0.2 and host3 to s0/0.3. And if nothing matches the statements then it'll refer to the routing table.

HTH

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

B
  • Locked
  • Question Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
397
badwolf1686
B
DavidSigma
  • Locked
  • Question Question
CP7861 problem
Replies
0
Views
491
DavidSigma
DavidSigma
jobsp90
  • Locked
  • Question Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
515
DavetheChef
DavetheChef
khashyar2021
  • Locked
  • Question Question
Problem with cisco switch after upgrading
Replies
1
Views
455
Geraldine Souza
Geraldine Souza
Delta5
  • Locked
  • Question Question
Cisco setting for automatic ip arp cache refresh
Replies
3
Views
1K
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top