Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Multiple NAT sessions on 1 Router?

Posted on 2004-10-25
3
Medium Priority
?
333 Views
Last Modified: 2006-11-17
Is it possible to have multiple NAT sessions on a single router?

I would like to have similar setup (WebServer etc.) on second public IP on
Interface Ethernet 3/0 IP 66.x.86.x

Partial current config listed below.

!
ip nat inside source list 2 interface Ethernet3/2 overload
ip nat inside source static tcp 172.x.13.12 53 66.x.66. x 53 extendable
ip nat inside source static tcp 172.x.13.12 80 66. x.66. x 80 extendable
ip nat inside source static udp 172.x.13.12 53 66. x.66. x 53 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 66. x.66.1
ip route 0.0.0.0 0.0.0.0 66. x.86.1 200
!
!
!
ip access-list extended WebServer
.
.
 permit tcp any any established
 .
.
 permit udp any eq domain host 66. x.66.17
 permit udp any host 66. x.66. x eq domain
 permit tcp any host 66. x.66. x eq domain
 permit tcp any host 66. x.66. x eq www
.
.
deny   ip any any log-input
!
!
access-list 2 permit 10.0.0.0 0.255.255.255  < ==== Inside Private Subnets
access-list 2 permit 172.16.0.0 0.15.255.255  < ==== Inside Private Subnets
access-list 2 permit 192.168.0.0 0.0.255.255  < ==== Inside Private Subnets
!
!

0
Comment
Question by:orbix
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 12400683
No problem...
   ip nat inside source static tcp <private ip> 80 66.x.86.x 80 extendable

It doesn't really matter which interface or where that private IP lives, as long as the interface is designated a "nat inside" interface..
Just be sure to adjust your inbound acl to accomodate the new server:
   permit tcp any host 66.x.86.x eq www
0
 

Author Comment

by:orbix
ID: 12406248
Again, thanks for your help.

I do have another question about this. Currently all out bound traffice is going out Int E3/2

!
ip nat inside source list 2 interface Ethernet3/2 overload = 66.x.66.1
!
ip route 0.0.0.0 0.0.0.0 66. x.66.1
ip route 0.0.0.0 0.0.0.0 66. x.86.1 200
!

But if that Int, or ISP IP goes down, the secondary Gateway will kick in, How will out bound traffic go? Will it all stop due to Int E3/2 (66.x.66.1) being down, or will the NAT Fail over as well as the gateway of last resort?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12406792
I'd have to see your complete config to see if that would also fail over..
As long as the 66.xx.86.x subnet and the 66.xx.66.x subnets get broadcast from this router to the iSP, there's no issue.
are you using BGP to send your network(s) to the ISP?
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

596 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question