Connectivity from One dept. bypassing corporate network to Internet

thomasm1998
thomasm1998 used Ask the Experts™
on
I am running a dept has very limited outside connectivity to internet, has only one fixed ip(static, private, 10.10.101.50) from IT department, I was able to manage my department network to surf the internet by placing the router and set the given static ip as gateway interface to ethernet port of router. Someday later I do not have a connectivity anymore, and only one system was able to go out to internet by reconfiguring the router as  follow
"ip nat inside source static 192.168.1.70 10.10.101.50"
Is there any way I can set up my department network to go to internet without have any extra IP with this cisco 2621 router. I can purchase other hardware if it is necessary like PIX..  I need your guys input in desperate.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
If the cisco can get to the internet with it's interface address, you can do the following:

ip access-list standard nat-list
  permit any

ip nat inside source list nat-list interface <outside interface> overload

Author

Commented:
Will those command line allow many nodes to one ip to outside like PAT of cisco pix , also will not be filtered by IT people based on source network address, which is my department network (assuming someware in ip header may have source ip address)?
Les MooreSr. Systems Engineer
Top Expert 2008

Commented:
Yes. Your 192.168.1.x IP addresses will not be seen outside your router as long as you are doing PAT.

quietyakr3 gave you the correct syntax for the commands. If you want to limit access, use the access-list:
ip access-list standard nat-list
 permit 192.168.1.70
 permit 192.168.1.71
 permit 192.168.1.72

etc..
Only those explicitly allowed will be natted.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial