Hi, one problem with the config that you listed below, is that you have 2
different interface in the same subnet as far as the Cisco goes. Unless
your doing IRB and the interfaces share the same bridge-group, you cannot
have multiple interfaces in the same subnet. Another problem that you will
run into is routing, You can only have one path to a subnet (with obvious
exceptions being made with certain routing protocols) in the config that you
listed, the Cisco will have what looks (to the cisco) like 2 paths to the
same subnet.
For this to work IMHO , you actually need to put at one intermediary router
to do the NAT for one of the 10.1.3.0/24 networks.
HTH
______________________________
Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
______________________________
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Nelluri Reddy
Sent: Tuesday, August 28, 2001 2:17 AM
To: [EMAIL PROTECTED]
Subject: How to NAT [7:17499]
I hope that some one out there can help me with a NAT problem
1) The router has a FA0/0 which connects to my internal network using
10.0.0.0/8
2) It has a s0/0 interface connecting to Minot, which has PC's on
10.1.3.0/24
3) It has s0/1 interface connecting to Bismarck, which also has PC's on
10.1.3.0/24
Both sets of PC's need to connect to servers on my internal network
which uses 10.1.3.0/24 as well. Luckily the servers are not on
10.1.3.0/24, but on 10.104.243.0/24 inside my network. So I have to use
NAT. So far I have come up with the following.
int fa0/0
ip address 10.121.5.135 255.255.255.240 (part of a vlan)
ip nat inside
int s0/0
ip address 10.121.40.1 255.255.255.252
ip nat outside
ip access-group minot in
int s0/1
ip address 10.121.40.5 255.255.255.252
ip nat outside
ip access-group bismarck in
ip nat pool minot 10.121.52.1 10.121.52.127 255.255.255.128
ip nat pool bismarck 10.121.52.129 10.121.52.254 255.255.255.128
ip nat outside source list minot pool minot
ip nat outside source list bismarck pool bismarck
ip access-list extended minot
permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0
ip access-list extended bismarck
permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0
ip route 10.0.0.0 255.0.0.0 10.121.5.142 (towards my internal network)
ip route 10.121.52.0 255.255.255.128 int s0/0
ip route 10.121.52.128 255.255.255.128 int s0/1
First, this won't work because the two access lists are the same. How
about the IP ROUTE statements for the serial interfaces? Do I use real
addresses or translated addresses?
Any help would be appreciated. Thanks in anticipation.
Nelluri
[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17502&t=17499
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
