Help with NAT

Discussion in 'Cisco' started by HomerSimpson, Oct 22, 2003.

  1. HomerSimpson

    HomerSimpson Guest

    I am wanting to configure a one to one NAT configuration on a 2621 router
    by using both FastE interfaces.

    I have a /28 address block from my ISP. The gateway address is configured
    on the ISPs 6509 that I will be connecting to inside their premises. I am
    housing my router, switch(Extreme) and equipment inside their building.

    Example..

    999.230.24.0/28 - ISP block where 999.230.24.1 is their gateway.
    Usable IPs on my 2621 will be 999.230.24.2 through 999.230.2.14
    I will connect fastE 0/0 to their 6509.

    fastE 0/1 will have private IP space (172.16.1.0/28).

    What are the commands to setup one for one NAT so that one public IP will
    match to one private IP? I will also be configured this as a firewall
    router so that I can apply an access-list to the inbound direction of fa0/0
    to only permit certain IPs.

    Hopefully this makes sense and thanks in advance...

    Homer
     
    HomerSimpson, Oct 22, 2003
    #1
    1. Advertising

  2. HomerSimpson

    HomerSimpson Guest

    "HomerSimpson" <> wrote in message
    news:eek:8olb.201830$%h1.201258@sccrnsc02...
    > I am wanting to configure a one to one NAT configuration on a 2621 router
    > by using both FastE interfaces.
    >
    > I have a /28 address block from my ISP. The gateway address is configured
    > on the ISPs 6509 that I will be connecting to inside their premises. I am
    > housing my router, switch(Extreme) and equipment inside their building.
    >
    > Example..
    >
    > 999.230.24.0/28 - ISP block where 999.230.24.1 is their gateway.
    > Usable IPs on my 2621 will be 999.230.24.2 through 999.230.2.14
    > I will connect fastE 0/0 to their 6509.
    >
    > fastE 0/1 will have private IP space (172.16.1.0/28).
    >
    > What are the commands to setup one for one NAT so that one public IP will
    > match to one private IP? I will also be configured this as a firewall
    > router so that I can apply an access-list to the inbound direction of

    fa0/0
    > to only permit certain IPs.
    >
    > Hopefully this makes sense and thanks in advance...
    >
    > Homer





    No takers on this one?

    Please... help...


    Homer
     
    HomerSimpson, Oct 25, 2003
    #2
    1. Advertising

  3. On Fri, 24 Oct 2003 23:45:25 +0000, HomerSimpson wrote:


    >
    > No takers on this one?
    >


    Here's one way.

    !
    interface Fastethernet 0/0
    ip address 999.230.24.2 255.255.255.240
    ip nat outside
    !
    interface Fastethernet 0/1
    ip address 172.16.1.1 255.255.255.240
    ip nat inside
    !
    ip nat inside source static network 172.16.1.0 999.230.24.0 255.255.255.240
    !

    You can have 172.16.1.[3-14] in your internal network.

    --
    Rgds,
    Martin
     
    Martin Gallagher, Oct 25, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Al Dykes
    Replies:
    8
    Views:
    602
    Walter Roberson
    Oct 29, 2003
  2. JCVD
    Replies:
    1
    Views:
    470
    Martin Gallagher
    Feb 13, 2004
  3. Anonymous Poster
    Replies:
    0
    Views:
    10,641
    Anonymous Poster
    Apr 26, 2004
  4. Kenny D

    Identity Nat v Exemption NAT

    Kenny D, May 8, 2004, in forum: Cisco
    Replies:
    1
    Views:
    4,018
    Walter Roberson
    May 8, 2004
  5. Allan Wilson

    VPN, from nat without VPN to nat with it

    Allan Wilson, Jul 5, 2004, in forum: Cisco
    Replies:
    1
    Views:
    629
    Walter Roberson
    Jul 5, 2004
Loading...

Share This Page