Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 448
  • Last Modified:

How to allow user use 1 public ip address for access through a Cisco 2600

I am trying to figure out is it NAt or Pat not sure. What I need is to allow 192.168.1.x to access the internet using one public ip address. Never done this before and I am lost.
2 Solutions
Is .x one IP or many IP's?

.x=1 device - one to one NAT
.x=many devices - many to one NAT (hide behind NAT)

Try NAT Overload

Overloading  NAT that maps multiple IP addresses to a single  IP address by using different ports. Known also as PAT (Port Address Translation)

for more info on NAT u can check at -- http://www.cisco.com/warp/public/556/nat-cisco.shtml
Chris StauntonCommented:
You will need to setup NAT on the 2600 series:

on your inside interface connected to your 192.x.x.x network you will need to add a command.

ip nat inside

on your outside interface connected to your public network you will need to add a command.

ip nat outside

If you were given a small subnet from the ISP for instance you would need to create a pool

ip nat pool Inet(Name of pool) x.x.x.x x.x.x.x (range of ips given) netmask x.x.x.x (netmask given)
ip nat inside source list 1 pool Inet(name of pool) overload

you will also need to create an access list for the pool

access-list 1 permit 192.x.x.x (or whatever reversed subnet mask)


The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Chris post gives you the answer. one thing to add is that if you have just one ip address from ISP you can use
just that ip so:

ip nat pool Name_pool  ip-address   ip-address netmask

hope this helps
kvnetAuthor Commented:
Lilshoot and fm250 I think you guys are on target. I have jkust a single ip from ISP. WHne I trie creating the pool with the command ip nat pool ISP x.x.x.x(ip address from ISP) I receive the incomplete command error. When I use the ? at the end of the statement it is says I need a netmask. What am I missing.

are you using
try this
ip nat pool pool_name ISP-ip-address ISP-ip-address netmask

note that "netmask" word need to be there.

hope this helps
kvnetAuthor Commented:
Thanks guys that worked. I appreciate your help.
You are welcome Terry. glad it worked for you

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now