NAT

[nirina]

Hi,

I have a CISCO 1720 with one interface card (Fastethernet0).
I want to do NAT with this one interface.
My configuration is:
interface FastEthernet0
ip address 192.168.0.254 255.255.255.0 secondary
ip address 62.56.162.28 255.255.255.240
ip nat inside
It's not working.
What do I do please?

Claude

 

[nohair]

Hi,
Can you please provide a little more information? What interface are you wanting to NAT the traffic to for instance?

BR,

-Stephen

 

[ChrisAC]

You must have more than one interface? What else does the router connect to apart from your internet network.

Here's an example from my router using a LAN address on the ethernet side and an ATM DSL interface on the outside.

interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
no fair-queue
!
interface ATM0.1 point-to-point
ip address <my live address> 255.255.255.252
ip access-group 105 in
ip nat outside
pvc 1/50
protocol ip <next hop router> broadcast
encapsulation aal5snap
!
interface FastEthernet0
ip address 192.168.3.1 255.255.255.0
ip nat inside
speed auto
no cdp enable
!
!! NAT traffic from list 5 to the external address !!
ip nat translation timeout 3600
ip nat inside source list 5 interface ATM0.1 overload
!
!!! allow my network to be NATed !!
access-list 5 permit 192.168.3.0 0.0.0.255


Chris **********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************

 

[tschouten]

I'm assuming you want to perform NAT off of one interfcace or as CISCO calls it NAT on a Stick.

If that is the case you don't have it set-up completely. This is sort of a format for creating NAT on a Stick you can follow it and replace Ip addresses where you see fit.

BELOW IS A ROUTER RUNNING-CONFIG FILE WITH ADDED COMMENTS; the added comments describe what the router is doing and are started with the ---:

interface Loopback0
ip address 10.0.1.1 255.255.255.252
ip nat outside

--- Creates a virtual interface called Loopback 0 and
assigns an IP address of 10.0.1.1 to it. Defines
interface Loopback 0 as NAT outside.

!
!
interface Ethernet0
ip address 192.168.1.2 255.255.255.0 secondary
ip address 10.0.0.2 255.255.255.0
ip Nat inside

--- Assigns a primary IP address of 10.0.0.2 and a
secondary IP address of 192.168.1.2 to Ethernet 0.
Defines interface Ethernet 0 as NAT inside. The
192.168.1.2 address will be used to communicate
through the Internet. The 10.0.0.2 address will be
used to communicate with the local hosts.


ip policy route-map Nat-loop

--- Assigns route-map &quot;Nat-loop&quot; to Ethernet 0 for policy
routing.

!
ip Nat pool external 192.168.2.2 192.168.2.3 prefix-length 29
ip Nat inside source list 10 pool external overload
ip Nat inside source static 10.0.0.12 192.168.2.1

--- NAT is defined: packets matching access-list 10 will be
translated to an address from the pool
called &quot;external&quot;.
--- A static NAT translation is defined for 10.0.0.12 to be
translated to 192.168.2.1


ip classless
!
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 192.168.2.0 255.255.255.0 Ethernet0

--- Static default route set as 192.168.1.1, also a static
route for network 192.168.2.0/24 directly attached to
Ethernet 0

!
!
access-list 10 permit 10.0.0.0 0.0.0.255

--- Access-list 10 defined for use by NAT statement above.


access-list 102 permit ip any 192.168.2.0 0.0.0.255
access-list 102 permit ip 10.0.0.0 0.0.0.255 any

--- Access-list 102 defined and used by route-map &quot;Nat-
loop&quot; which is used for policy routing.

!
Access-list 177 permit icmp any any

--- Access-list 177 used for debug. Or testing connectivity

!
route-map Nat-loop permit 10
match ip address 102
set ip next-hop 10.0.1.2

--- Creates route-map &quot;Nat-loop&quot; used for policy routing.
--- Route map states that any packets matching access-list
102 will have the next hop set to 10.0.1.2 and be
routed &quot;out&quot; the loopback interface. All other packets
will be routed normally.

!
end
NAT-router#