Help with NAT configuration on a Catalyst 6500 with no FWSM

Discussion in 'Cisco' started by Bryan, Dec 6, 2006.

  1. Bryan

    Bryan Guest

    Hello all,

    So, here's my situation:

    I have a Catalyst 6500 (with no Firewall Services Module) with a
    switchport interface (let's call it the external interface) configured
    with an ip address of and a vlan interface (vlan 101)
    configured with an ip address of

    I have another switchport interface assigned to vlan 101 and a computer
    connected to that switchport with an ip address of and the
    gateway set to

    I have a computer connected to the external interface with an ip
    address of and the gateway set to

    I can ping from to and visa versa with no

    Now what I would like to do is set up NATing on the vlan interface such
    that any traffic coming from the network looks like it's
    coming from the vlan interface itself ( to the computers
    on the network.

    Can anyone help me out with this? I've searched the web for 6500 NAT
    examples but all the results I've seen so far deal with the FWSM. I've
    also tried to figure it out myself by looking at the 'ip nat' commands
    on the 6500 but just don't know where to start...

    Thanks in advance!!!
    Bryan, Dec 6, 2006
  2. Bryan

    Bod43 Guest

    This is no different from any other Cisco NAT.

    int whatever- ! e.g int gi 4/7
    ip nat outside

    int whatever-
    ip nat inside

    ip nat inside source list ACL.nat interface whatever-

    ip access-list extended ACL.nat
    permit ip any any

    If you fancy you could use a more restrictive ACL but it
    is not necessary since only the relevant traffic is
    considered for NAT anyway.

    If I recall correctly this will be CPU routed wich will give your
    6500 the same performance as a 7200 ish.
    Bod43, Dec 7, 2006
