I have a Cisco 1720. When configured as our border gateway router, it was set up with NAT. I have since been interested in deploying a Linux-based iptables firewall right behind the router because I would like to add other services to the network and better protect them.
My thoughts are that I need to disable the NAT on the 1720 router and route our external address on the serial interface to the FastEther0 interface on the router. From there the firewall will route back and forth directly to the router on one IP address. The firewall would be configured with masquerading, or Linux-termed NAT.
Well, here is my problem. I'm just playing right now to see if I can figure it out. When trying to erase the commands in the Router Config regarding the NAT Pool, the router is telling me that I cannot do that because the pool is currently in use. What gives?