I resonded briefly to John earlier but didn't copy the list due to the low value content. Just not enough time....Need a Spec Miata(Anyone have an old Miata for sale on the west coast?) Since I guess actually configs are what you want I took a spin around to find where I might have saved those but didn't find it.
I'll take a quick stab at config sample, but it's been while for me and this isn't the intended way to use this equipment/software. -------------------------------- Assuming 192.168.1.0/24 is your internal network which you want NAT'ed into a global pool out of an allocated 123.45.67.0/29. This 2501 is connected to another router via 111.22.33.2/30 and pointing default to 111.22.33.1 int e0 no ip redir no ip proxy-arp ip addr 192.168.1.1 255.255.255.0 ip addr 111.22.33.2 255.255.255.252 sec ip nat inside ip policy route-map send-to-nat int loop100 ip address 123.45.67.1 255.255.255.248 ip nat outside ip route 0.0.0.0 0.0.0.0 111.22.33.1 policy-map send-to-nat ip nat pool public 123.45.67.2 123.45.67.6 netmask 255.255.255.248 ip nat inside source list 10 pool public access-list 10 permit 192.168.1.0 0.0.0.255 route-map send-to-nat permit 10 match ip address 10 set ip next-hop 123.45.67.7 !Or maybe this needs to be 123.45.67.1 !It's possible that you'd need this if the ip nat inside is catching traffic, but with explict src it shouldn't. access-list 101 deny ip 192.168.1.0 0.0.0.255 any access-list 101 permit ip any 123.45.67.0 0.0.0.7 route-map send-to-nat permit 5 match ip address 101 set ip next-hop 123.45.67.1 John Mairs wrote: > > How would I find the examples you speak of? how would > I apply the > ip nat inside and ip nat outside commands. would it be > something like > ! > interface ethernet e0 > ip nat inside > ! > interface ethernet e0 secondary > ip nat outside > > --- Darrell Newcomb wrote: > > Interesting. I assume you're trying to place global > > and locally > > addresses machines on the same L2 ethernet and use > > secondary addresses > > to place the router on both L3 networks. This part > > is straight forward, > > just remember to disable icmp-redirects on this > > interface to remove a > > couple ambiguities. > > > > For some special cases I've used policy routing to > > direct traffic to > > "the right" nat pool. In your case just base it on > > source address for > > the locally addressed endpoints. I've also used > > loopback addresses to > > create the outside interface, if you need such a > > thing. Together those > > should work for what you're trying to do. But it's > > far from the > > intended deployment senario and wouldn't get support > > for any interesting > > bugs that are uncovered. There are examples of both > > of these situations > > I think it's just a matter of putting it all > > together. And talk about > > slow. > > > > I'm sure others will have different approaches. > > Good Luck, > > Darrell > > > > John Mairs wrote: > > > > > > Hi, > > > > > > can I, if so, how would I go about setting up NPAT > > on > > > my 2501's only ethernet port. I am confused as to > > how > > > my router will be able to distinguish > > inside/outside > > > NAT on the primary/secondary interfaces. > > > > > > Essentially I would like to now how to configure > > the > > > router to do this with a rudimentary explanation > > what > > > is happening. > > > > > > I can find thousands of descriptions of how to set > > up > > > NAT but none of them show how to do this over a > > single > > > LAN interface. > > > > > > Any thoughts would be greatly appreciated. > > > > > > Thanks for your time, > > > > > > John > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Send your FREE holiday greetings online! > > > http://greetings.yahoo.com > [EMAIL PROTECTED] > > ===== > John L. Mairs > > __________________________________________________ > Do You Yahoo!? > Send your FREE holiday greetings online! > http://greetings.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=30509&t=30509 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
