I hope that some one out there can help me with a NAT problem
1) The router has a FA0/0 which connects to my internal network using
10.0.0.0/8
2) It has a s0/0 interface connecting to Minot, which has PC's on
10.1.3.0/24
3) It has s0/1 interface connecting to Bismarck, which also has PC's on
10.1.3.0/24
Both sets of PC's need to connect to servers on my internal network
which uses 10.1.3.0/24 as well. Luckily the servers are not on
10.1.3.0/24, but on 10.104.243.0/24 inside my network. So I have to use
NAT. So far I have come up with the following.
int fa0/0
ip address 10.121.5.135 255.255.255.240 (part of a vlan)
ip nat inside
int s0/0
ip address 10.121.40.1 255.255.255.252
ip nat outside
ip access-group minot in
int s0/1
ip address 10.121.40.5 255.255.255.252
ip nat outside
ip access-group bismarck in
ip nat pool minot 10.121.52.1 10.121.52.127 255.255.255.128
ip nat pool bismarck 10.121.52.129 10.121.52.254 255.255.255.128
ip nat outside source list minot pool minot
ip nat outside source list bismarck pool bismarck
ip access-list extended minot
permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0
ip access-list extended bismarck
permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0
ip route 10.0.0.0 255.0.0.0 10.121.5.142 (towards my internal network)
ip route 10.121.52.0 255.255.255.128 int s0/0
ip route 10.121.52.128 255.255.255.128 int s0/1
First, this won't work because the two access lists are the same. How
about the IP ROUTE statements for the serial interfaces? Do I use real
addresses or translated addresses?
Any help would be appreciated. Thanks in anticipation.
Nelluri
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17499&t=17499
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
