thomasm1998
asked on
Connectivity from One dept. bypassing corporate network to Internet
I am running a dept has very limited outside connectivity to internet, has only one fixed ip(static, private, 10.10.101.50) from IT department, I was able to manage my department network to surf the internet by placing the router and set the given static ip as gateway interface to ethernet port of router. Someday later I do not have a connectivity anymore, and only one system was able to go out to internet by reconfiguring the router as follow
"ip nat inside source static 192.168.1.70 10.10.101.50"
Is there any way I can set up my department network to go to internet without have any extra IP with this cisco 2621 router. I can purchase other hardware if it is necessary like PIX.. I need your guys input in desperate.
"ip nat inside source static 192.168.1.70 10.10.101.50"
Is there any way I can set up my department network to go to internet without have any extra IP with this cisco 2621 router. I can purchase other hardware if it is necessary like PIX.. I need your guys input in desperate.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes. Your 192.168.1.x IP addresses will not be seen outside your router as long as you are doing PAT.
quietyakr3 gave you the correct syntax for the commands. If you want to limit access, use the access-list:
ip access-list standard nat-list
permit 192.168.1.70
permit 192.168.1.71
permit 192.168.1.72
etc..
Only those explicitly allowed will be natted.
quietyakr3 gave you the correct syntax for the commands. If you want to limit access, use the access-list:
ip access-list standard nat-list
permit 192.168.1.70
permit 192.168.1.71
permit 192.168.1.72
etc..
Only those explicitly allowed will be natted.
ASKER