Natting question

Discussion in 'Cisco' started by Cisco, Dec 2, 2004.

  1. Cisco

    Cisco Guest

    Hi,
    Is it possible to have multiple natting on the same interfaces?

    I have an overlapping network issue and need to use two way natting but also
    using the same router for adsl access which has nat enabled on the ethernet
    and dialer interface already.

    The overlap networks are between the ethernet and the serial interface so
    will it be an issue to have two ip nat outside statements one on the serial
    and one on the dialer.

    Can I get around this by using the ip nat source list followed by the
    interface name???

    Would appreciate some help with this.

    Thanks,
    Taff...
     
    Cisco, Dec 2, 2004
    #1
    1. Advertising

  2. Cisco

    Ben Guest

    Cisco wrote:
    > Hi,
    > Is it possible to have multiple natting on the same interfaces?
    >
    > I have an overlapping network issue and need to use two way natting but also
    > using the same router for adsl access which has nat enabled on the ethernet
    > and dialer interface already.
    >
    > The overlap networks are between the ethernet and the serial interface so
    > will it be an issue to have two ip nat outside statements one on the serial
    > and one on the dialer.
    >
    > Can I get around this by using the ip nat source list followed by the
    > interface name???
    >
    > Would appreciate some help with this.
    >
    > Thanks,
    > Taff...
    >
    >


    Yep you can do this using route-maps. From NAT FAQ:

    Q. Can IOS support multiple outside NAT tables?
    A. Yes, you can do this through the use of route maps. The dynamic
    translation command can now specify a route map to be processed instead
    of an ACL. A route map allows the user to match any combination of ACLs,
    next-hop IP addresses, and output interfaces to determine which pool to use.
     
    Ben, Dec 2, 2004
    #2
    1. Advertising

  3. Cisco

    Ben Guest

    Cisco wrote:
    > Hi,
    > Is it possible to have multiple natting on the same interfaces?
    >
    > I have an overlapping network issue and need to use two way natting but also
    > using the same router for adsl access which has nat enabled on the ethernet
    > and dialer interface already.
    >
    > The overlap networks are between the ethernet and the serial interface so
    > will it be an issue to have two ip nat outside statements one on the serial
    > and one on the dialer.
    >
    > Can I get around this by using the ip nat source list followed by the
    > interface name???
    >
    > Would appreciate some help with this.
    >
    > Thanks,
    > Taff...
    >
    >


    Yep you can do this using route-maps. From NAT FAQ:

    Q. Can IOS support multiple outside NAT tables?
    A. Yes, you can do this through the use of route maps. The dynamic
    translation command can now specify a route map to be processed instead
    of an ACL. A route map allows the user to match any combination of ACLs,
    next-hop IP addresses, and output interfaces to determine which pool to use.
     
    Ben, Dec 2, 2004
    #3
  4. Cisco

    Taff Guest

    Ok thanks for clarifying this Ben I'll do some more research into route
    maps.

    Taff.


    "Ben" <> wrote in message
    news:OaMrd.56463$...
    > Cisco wrote:
    > > Hi,
    > > Is it possible to have multiple natting on the same interfaces?
    > >
    > > I have an overlapping network issue and need to use two way natting but

    also
    > > using the same router for adsl access which has nat enabled on the

    ethernet
    > > and dialer interface already.
    > >
    > > The overlap networks are between the ethernet and the serial interface

    so
    > > will it be an issue to have two ip nat outside statements one on the

    serial
    > > and one on the dialer.
    > >
    > > Can I get around this by using the ip nat source list followed by the
    > > interface name???
    > >
    > > Would appreciate some help with this.
    > >
    > > Thanks,
    > > Taff...
    > >
    > >

    >
    > Yep you can do this using route-maps. From NAT FAQ:
    >
    > Q. Can IOS support multiple outside NAT tables?
    > A. Yes, you can do this through the use of route maps. The dynamic
    > translation command can now specify a route map to be processed instead
    > of an ACL. A route map allows the user to match any combination of ACLs,
    > next-hop IP addresses, and output interfaces to determine which pool to

    use.
    >
    >
    >
     
    Taff, Dec 2, 2004
    #4
  5. Cisco

    Taff Guest

    So how would I set this up for the following configuration.

    Lan 1 - 192.168.1.0/24
    Lan 2 - 192.168.100.0/24
    Lan 3 - 192.168.1.0/24
    Internet - xxx.xxx.xxx.xxx dialer0

    Internet router:
    Ethernet - 192.168.100.0
    S0/0 - 192.168.10.2
    Dialer0 - Internet



    Internet

    :

    :
    Lan 1 > Router(192.168.10.0) > Frame relay > Internet Router (NAT)

    |

    |

    ______________ Lan 2 (GW - 192.168.100.250)

    |

    | Layer 3 switch

    _______________ Lan 3 (GW - 192.168.1.250)

    Description:
    Client on Lan 1 needs to talk to server on Lan 2. Clients on Lan 3 also need
    to talk to server on LAN 2. Server on LAN 2 has gateway of Layer 3 switch
    and forwards packets for destination 192.168.1.0 to Lan 3 by default.

    Therefore I need to mask the source address from Lan1 and make sure that the
    server on Lan 2 can reply via the Internet router. Lan 3 does not require
    clients to talk to the internet so the internet router doesn't require to
    know about those clients.




    Config so far: (just put in the juicy bits)

    2600 router

    Interface fastethernet 0/0
    Description connection to LAN 2
    ip address 192.168.100.249/24
    ip nat inside

    Interface dialer0
    no ip address
    dialer-pool 1
    dialer group 1
    ip nat outside

    Interface serial0/0
    Description connection to LAN 1
    ip address 192.168.10.2/24
    encap etc etc

    ip nat inside source list 101 interface dialer0 overload

    access-list 101 permit ip 192.168.100.0 0.0.0.255 any

    ip route 192.168.1.0 255.255.255.0 serial0/0
    ip route 0.0.0.0 0.0.0.0 dialer0



    Layer 3 switch:
    Default route 192.168.100.249 (Internet router)
    Default gateways for both LAN 2 and LAN 3 with routing between them.


    I hope this makes things a little clearer.
























    "Ben" <> wrote in message
    news:OaMrd.56463$...
    > Cisco wrote:
    > > Hi,
    > > Is it possible to have multiple natting on the same interfaces?
    > >
    > > I have an overlapping network issue and need to use two way natting but

    also
    > > using the same router for adsl access which has nat enabled on the

    ethernet
    > > and dialer interface already.
    > >
    > > The overlap networks are between the ethernet and the serial interface

    so
    > > will it be an issue to have two ip nat outside statements one on the

    serial
    > > and one on the dialer.
    > >
    > > Can I get around this by using the ip nat source list followed by the
    > > interface name???
    > >
    > > Would appreciate some help with this.
    > >
    > > Thanks,
    > > Taff...
    > >
    > >

    >
    > Yep you can do this using route-maps. From NAT FAQ:
    >
    > Q. Can IOS support multiple outside NAT tables?
    > A. Yes, you can do this through the use of route maps. The dynamic
    > translation command can now specify a route map to be processed instead
    > of an ACL. A route map allows the user to match any combination of ACLs,
    > next-hop IP addresses, and output interfaces to determine which pool to

    use.
    >
    >
    >
     
    Taff, Dec 2, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. manu
    Replies:
    0
    Views:
    498
  2. xcelloM

    Natting with cisco 803

    xcelloM, Nov 3, 2004, in forum: Cisco
    Replies:
    1
    Views:
    860
    Martin Bilgrav
    Nov 4, 2004
  3. Raymond Doetjes

    PIX natting of a VPN tunnel?

    Raymond Doetjes, Dec 20, 2004, in forum: Cisco
    Replies:
    2
    Views:
    1,423
    Walter Roberson
    Dec 20, 2004
  4. AM
    Replies:
    1
    Views:
    432
    Daniel Prinsloo - www.CherryFive.com
    Jan 24, 2005
  5. CD
    Replies:
    6
    Views:
    719
    Lutz Donnerhacke
    Nov 17, 2006
Loading...

Share This Page