Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


NAT configuration on CISCO 1750

Posted on 2003-03-03
Medium Priority
Last Modified: 2010-08-05
Hi All,

I would like to configure NAT on my cisco 1750.
(I want to enable my local system with a public address.)

1. How can I assign two ip address (Public & Local ) for the same interface on the router.?
2. How can I configure the NAT for my local system on the router?

Thanks in Advance.

Email : gopu@siptech.co.in
System Administrator,
SIP Tech,
Question by:ngopu

Expert Comment

ID: 8062579
Shall we assume that you're only going to use the Fast Ethernet interface and not utilize any serial ports on the router?

If you're just gonna use the single FastE for your setup (boat-anchor), you'll have to configure the FastE with subinterfaces and use that as a trunk to go into a switch that supports VLANS.

This way what you're doing is creating logical 'inside' and 'outside' ports. If you've got the switch hardware available to go this route, let us know what kind of switch you've got, what version of IOS you're running (you neet at least the 'plus' feature set) and we can cook up some configs for you.

There may be another way to do it, but I can't think of it as NAT will want defined inside and outside ports...


Expert Comment

ID: 8064846
I'll back up Pedrow on this one - we've tried to think of a way round this before.

There is no way (that we could find) to define one interface as both the inside AND outside of NAT.  The most promising line of thought we came up with was to define a loopback interface to act as the outside - but then you run into overlapping address space and routing issues.

The way we went was as Pedrow suggests - 802.1q VLANs.  That way the router has multiple logical interfaces on the single physical pipe.


Depending on what you're trying to achieve, do you actually need NAT?  It sounds like you are going to run 2 separate IP networks over the same Ethernet segment (not really a great idea, but lets say you've come down on this for a valid reason).

You can create a secondary address on the ethernet interface (ip address x.x.x.x x.x.x.x secondary), and the router will route packets in and out of the same interface.

But if the servers are on a LAN where they can see both the public and private networks directly, then why not just give each required server a second IP address in the public network?

I must stress again - there are many MANY reasons why you shouldn't do this, all related to security.  But from an IP standpoint it should work.
LVL 79

Expert Comment

ID: 8442627
G'day, ngopu
It has been 59 days since you posted this question.
Do you still need help? Have you received enough information?
Can you close out this question?
Ways to close questions: http://www.apollois.com/EE/Help/Closing_Questions.htm
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Author Comment

ID: 8442897
Can I 've more help regarding this.....???
LVL 79

Accepted Solution

lrmoore earned 80 total points
ID: 8443882
There is a sample config here that answers both of your questions:
LVL 79

Expert Comment

ID: 8725621
No comment has been added lately (43 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

RECOMMENDATION: Award points to lrmoore

Please leave any comments here within 7 days.



EE Cleanup Volunteer
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers,
please post comments here where a Moderator will see it.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question