- Posts: 2
- Thank you received: 0
NATing two Interfaces on a Cisco Router
21 years 1 month ago #1349
by slattont
NATing two Interfaces on a Cisco Router was created by slattont
I am configuring a Cisco Router (with 12.2 firmware) for an unusual application. The router has four interfaces. Two interfaces will be connected to an "outside" network. The other two interfaces will be "inside" and need to be NATed. I am unsure how to configure the NATing for the four ports?
[code:1]
! Outside interface for 172.16.0.0/23
interface FastEthernet0/0
ip address 172.16.0.254 255.255.254.0
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
! Outside interface for xxx.xxx.224.0/24
interface FastEthernet0/1
ip address xxx.xxx.224.254 255.255.255.0
ip nat outside
ip access-group deny-outside_192 in
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
! Inside interface for 192.168.172.0/23
interface FastEthernet1/0
ip address 192.168.172.10 255.255.254.0
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
! Inside interface for 192.168.224.128/24
interface FastEthernet1/1
ip address 192.168.224.10 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
ip nat inside source static 192.168.224.222 xxx.xxx.224.222
ip classless
ip route 192.168.224.0 255.255.255.0 FastEthernet1/1
[/code:1]
Tim S
[code:1]
! Outside interface for 172.16.0.0/23
interface FastEthernet0/0
ip address 172.16.0.254 255.255.254.0
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
! Outside interface for xxx.xxx.224.0/24
interface FastEthernet0/1
ip address xxx.xxx.224.254 255.255.255.0
ip nat outside
ip access-group deny-outside_192 in
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
! Inside interface for 192.168.172.0/23
interface FastEthernet1/0
ip address 192.168.172.10 255.255.254.0
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
! Inside interface for 192.168.224.128/24
interface FastEthernet1/1
ip address 192.168.224.10 255.255.255.0
ip nat inside
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
ip nat inside source static 192.168.224.222 xxx.xxx.224.222
ip classless
ip route 192.168.224.0 255.255.255.0 FastEthernet1/1
[/code:1]
Tim S
21 years 1 month ago #1357
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: NATing two Interfaces on a Cisco Router
slattont,
No problem, we will be more than happy to assit.
To help us though understand the problem and what you need to do, please provide us a with an simple ascii diagram, ip addresses (you can use fake ones for the public interfaces is they are static) and explain what you need to do.
Cheers,
No problem, we will be more than happy to assit.
To help us though understand the problem and what you need to do, please provide us a with an simple ascii diagram, ip addresses (you can use fake ones for the public interfaces is they are static) and explain what you need to do.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
21 years 3 weeks ago #1464
by slattont
Replied by slattont on topic Re: NATing two Interfaces on a Cisco Router
Here is a simple diagram:
[code:1]
172.16.0.0/23 xxx.xxx.224.0/24
Outside | | Outside
0/0 | | 0/1
| |
| |
| |
| |
|
|
|
|
|Cisco Router |
|
|
|
|
| |
| |
| |
Inside | | Inside
1/0 | | 1/1
192.168.172.0/23 | | 192.168.224.0/24
| |
[/code:1]
I am trying to Nat to the two inside ports. But when I attempt to create two different NAT pools, the router appears to merge the two.
Tim
[code:1]
172.16.0.0/23 xxx.xxx.224.0/24
Outside | | Outside
0/0 | | 0/1
| |
| |
| |
| |
|
|
|
|
|Cisco Router |
|
|
|
|
| |
| |
| |
Inside | | Inside
1/0 | | 1/1
192.168.172.0/23 | | 192.168.224.0/24
| |
[/code:1]
I am trying to Nat to the two inside ports. But when I attempt to create two different NAT pools, the router appears to merge the two.
Tim
Time to create page: 0.116 seconds