Cisco Router - NAT in and out on the same interface

cisco router routing nat
8,643

This configuration is called 'NAT on a stick', as the router will forward to the same end of the stick.

Cisco has a good design technote here which explain how to use it with indeed a loopback, but also with route-maps. This could help you.

Here is the configuration they're using. With only a little ajustments you should be able to use it with your setup:

interface Loopback0   
 ip address 10.0.1.1 255.255.255.252
 ip nat outside

interface Ethernet0
 ip address 192.168.1.2 255.255.255.0 secondary
 ip address 10.0.0.2 255.255.255.0
 ip nat inside
 ip policy route-map Nat-loop

ip nat pool external 192.168.2.2 192.168.2.3 prefix-length 29
ip nat inside source list 10 pool external overload
ip nat inside source static 10.0.0.12 192.168.2.1


ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 192.168.2.0 255.255.255.0 Ethernet0

access-list 10 permit 10.0.0.0 0.0.0.255 

access-list 102 permit ip any 192.168.2.0 0.0.0.255
access-list 102 permit ip 10.0.0.0 0.0.0.255 any
access-list 177 permit icmp any any

route-map Nat-loop permit 10
 match ip address 102
 set ip next-hop 10.0.1.2
Share:
8,643

Related videos on Youtube

fdf33
Author by

fdf33

Updated on September 18, 2022

Comments

  • fdf33
    fdf33 over 1 year

    Here's the situation:

    I have a couple of clients connected to a switch and the switch is connected to a Cisco 2621.

    The clients all have IP addresses in the range 192.168.1.0/24 and the router address is 192.168.1.254.

    So, host A has the address 192.168.1.1 and host B has the address 192.168.1.2.

    I would like to be able to get to each host using another address (172.16.1.1 for 192.168.1.1 for example).

    So I need to be able to NAT this on the router. I have played about and used a loopback interface and assigned an address and used ip nat outside on there, though I couldn't really get it working.

    Any ideas on how to do this would be great.

    Thanks

  • fdf33
    fdf33 almost 13 years
    Thanks. I'd seen that before and gave it a go and couldn't get it working at all. Would it essentially let me ping say 172.16.1.1 and this be translated to 192.168.1.1?
  • petrus
    petrus almost 13 years
    well, you have to adapt it to your configuration, but yes, this would allow it.
  • fdf33
    fdf33 almost 13 years
    Just adapted that config and tried it on my router. Basically, the pings now work, but the router shows nothing when debugging NAT and the host isn't showing that it's getting the actual pings either when using tcpdump. So it's like it's pinging just the router itself.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

cisco ip nat / port forwarding
How to configure cable modem router to allow port forwarding to other connected router?
How to link two routers LAN to WAN
NAT vs. port forwarding
Packets dropped due to NAT? Firewall? Unroutable private IP addresses?
Configure Mac OS X Server as Router?
Cisco ASA Implicit rule dropping traffic
Configure Cisco router overload NAT (IOS 15)
Create NAT rule and security policies for port 443/80 on a Cisco ASA 5510
Cisco - NAT causes nslookup to return local IP