Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco 3620 Sub Interfaces / NAT

Posted on 2004-03-28
3
Medium Priority
?
547 Views
Last Modified: 2008-03-10
I am looking for some assistance in creating some
sub Interfaces and NAT on a CISCO 3620.


Here is what I am looking at doing.


Int 0/0.1  - 219.210.117.1 /25 (NO Nat)
Int 0/0.2  - 172.28.10.1   /23 (NAT Masquerade)
Int 0/0.3  - 172.28.12.1   /24 (NAT Masquerade)
Serial 0/0 - 219.63.168.10 /30

Default Route to 219.63.168.9 (via Serial 0/0)


I want Each Sub-Interface to be able to route to
the other sub interfaces and all to route to a the
internet via Serial 0/0 (T1 CSU/DSU).

I am running Cisco IOS ver 12.1(5)  and will be upgrading
to '12.3(5)' in the next couple of days.


Thanks for any help.

Mark Anderson

0
Comment
Question by:networkfrontier
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 10700461
That's pretty easy if you want to nat  everything to the serial 0/0 interface address

interface serial 0/0
 ip nat outside
!
interface ethernet 0/0.1
 ip address 219.210.117.1 255.255.255.192

!
interface ethernet 0/0.2
 ip address 172.28.10.1 255.255.255.0
 ip nat inside
!
interface ethernet 0/0.3
 ip address 172.28.12.1 255.255.255.0
 ip nat inside
!
!
access-list 2 permit 172.28.10.0 0.0.0.255
access-list 2 permit 172.28.12.0 0.0.0.255
!
ip nat inside source list 2 interface serial0/0 overload
!

That's about all you have to do for simple nat

0
 

Author Comment

by:networkfrontier
ID: 10728261
lrmoore,

When I try this  I get :

% Configuring IP routing on a LAN subinterface is only allowed if that
subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
or ISL vLAN.

How do I get around this?

Mark Anderson
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 10728546
Assuming that your switch is using dot1Q vlan tagging:

interface ethernet 0/0.2
 encapsulation dot1Q 2  <-- VLAN #
 ip address 219.210.117.1 255.255.255.192

interface ethernet 0/0.3
 encapsulation dot1Q 3  <-- VLAN #
 ip address 219.210.117.1 255.255.255.192
!

Etc...
I was not sure if you were doing VLAN Ethernet sub-interfaces or serial sub-interfaces like on a frame-relay wan..


0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question