Solved

Cisco 3620 NAT Question

Posted on 2004-04-05
2
444 Views
Last Modified: 2012-06-22
I have a router setup as follows


T1(S0/0)-------|                                            |---(E0/0 Public IP clients)
                       ----(CEF/Load Per Packet)------
T1(S0/1)-------|                                            |---(E0/1 NAT Masqueade clients)


Right now I have a simple NAT setup, which NATs via S0/1 and S0/0,  but what I really want to
do is NAT Masqueade via one of the Public IPs from E0/0 (204.120.117.10),  and then via both
S0/0 and S0/1.

With my Current setup all my NAT clients appear to have the 'Serial 0/0' IP address and therefore
all incoming traffic flows over the S0/0 T1,  which causes a problem because the T1 lines are not
load balancing correctly.
 

Can someone help with a config?      My old config is below :  

Thanks

Mark Anderson

--------------------------------------------------------------------------------------------------------
hostname ANY1-R1
!
no aaa new-model
ip subnet-zero
no ip source-route
!
!
no ip domain lookup
!
ip cef
!
interface FastEthernet0/0
 description PublicIPs
 ip address 204.120.117.1 255.255.255.128
 speed auto
 full-duplex
 no cdp enable
 no mop enabled
!
interface Serial0/0
 ip address 204.163.168.10 255.255.255.252
 ip nat outside
 ip load-sharing per-packet
 no fair-queue
 no cdp enable
!
interface FastEthernet0/1
 description PrivateIPs
 ip address 172.28.10.1 255.255.254.0 secondary
 ip address 172.21.12.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
 no cdp enable
!
interface Serial0/1
 ip address 203.157.101.242 255.255.255.252
 ip nat outside
 ip load-sharing per-packet
 no fair-queue
 no cdp enable
!
ip nat inside source list 2 interface Serial0/0 overload
ip nat inside source list 3 interface Serial0/1 overload
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 204.163.168.9
ip route 0.0.0.0 0.0.0.0 203.157.101.241
!
!
access-list 2 permit 172.21.12.0 0.0.0.255
access-list 2 permit 172.28.10.0 0.0.0.255
access-list 3 permit 172.21.12.0 0.0.0.255
access-list 3 permit 172.28.10.0 0.0.0.255
no cdp run
!        
0
Comment
Question by:networkfrontier
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
reden earned 500 total points
ID: 10764263
That;s is not possible with the existing hardware NAT engine will process the packets when it have passed the interface.  You must add another router or linux or windows server to do the NAT.

0
 
LVL 6

Expert Comment

by:Pascal666
ID: 10772712
This will give you better load balancing:

no ip cef
!
interface Serial0/0
 ip address 204.163.168.10 255.255.255.252
 ip nat outside
 no ip load-sharing per-packet
 ip route-cache flow
!
interface FastEthernet0/1
 ip address 172.28.10.1 255.255.254.0 secondary
 ip address 172.21.12.1 255.255.255.0
 ip nat inside
 ip route-cache flow
!
interface Serial0/1
 ip address 203.157.101.242 255.255.255.252
 ip nat outside
 no ip load-sharing per-packet
 ip route-cache flow
!
ip nat inside source list 2 interface Serial0/0 overload
ip nat inside source list 2 interface Serial0/1 overload
ip route 0.0.0.0 0.0.0.0 204.163.168.9
ip route 0.0.0.0 0.0.0.0 203.157.101.241
!
access-list 2 permit 172.21.12.0 0.0.0.255
access-list 2 permit 172.28.10.0 0.0.0.255

-Pascal
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question