We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Cisco 3620 NAT Question

networkfrontier
on
Medium Priority
457 Views
Last Modified: 2012-06-22
I have a router setup as follows


T1(S0/0)-------|                                            |---(E0/0 Public IP clients)
                       ----(CEF/Load Per Packet)------
T1(S0/1)-------|                                            |---(E0/1 NAT Masqueade clients)


Right now I have a simple NAT setup, which NATs via S0/1 and S0/0,  but what I really want to
do is NAT Masqueade via one of the Public IPs from E0/0 (204.120.117.10),  and then via both
S0/0 and S0/1.

With my Current setup all my NAT clients appear to have the 'Serial 0/0' IP address and therefore
all incoming traffic flows over the S0/0 T1,  which causes a problem because the T1 lines are not
load balancing correctly.
 

Can someone help with a config?      My old config is below :  

Thanks

Mark Anderson

--------------------------------------------------------------------------------------------------------
hostname ANY1-R1
!
no aaa new-model
ip subnet-zero
no ip source-route
!
!
no ip domain lookup
!
ip cef
!
interface FastEthernet0/0
 description PublicIPs
 ip address 204.120.117.1 255.255.255.128
 speed auto
 full-duplex
 no cdp enable
 no mop enabled
!
interface Serial0/0
 ip address 204.163.168.10 255.255.255.252
 ip nat outside
 ip load-sharing per-packet
 no fair-queue
 no cdp enable
!
interface FastEthernet0/1
 description PrivateIPs
 ip address 172.28.10.1 255.255.254.0 secondary
 ip address 172.21.12.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
 no cdp enable
!
interface Serial0/1
 ip address 203.157.101.242 255.255.255.252
 ip nat outside
 ip load-sharing per-packet
 no fair-queue
 no cdp enable
!
ip nat inside source list 2 interface Serial0/0 overload
ip nat inside source list 3 interface Serial0/1 overload
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 204.163.168.9
ip route 0.0.0.0 0.0.0.0 203.157.101.241
!
!
access-list 2 permit 172.21.12.0 0.0.0.255
access-list 2 permit 172.28.10.0 0.0.0.255
access-list 3 permit 172.21.12.0 0.0.0.255
access-list 3 permit 172.28.10.0 0.0.0.255
no cdp run
!        
Comment
Watch Question

Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
This will give you better load balancing:

no ip cef
!
interface Serial0/0
 ip address 204.163.168.10 255.255.255.252
 ip nat outside
 no ip load-sharing per-packet
 ip route-cache flow
!
interface FastEthernet0/1
 ip address 172.28.10.1 255.255.254.0 secondary
 ip address 172.21.12.1 255.255.255.0
 ip nat inside
 ip route-cache flow
!
interface Serial0/1
 ip address 203.157.101.242 255.255.255.252
 ip nat outside
 no ip load-sharing per-packet
 ip route-cache flow
!
ip nat inside source list 2 interface Serial0/0 overload
ip nat inside source list 2 interface Serial0/1 overload
ip route 0.0.0.0 0.0.0.0 204.163.168.9
ip route 0.0.0.0 0.0.0.0 203.157.101.241
!
access-list 2 permit 172.21.12.0 0.0.0.255
access-list 2 permit 172.28.10.0 0.0.0.255

-Pascal
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.