?
Solved

NAT and route between VLAN

Posted on 2008-10-24
4
Medium Priority
?
783 Views
Last Modified: 2010-04-21
Hi,

i need to NAT traffic coming from the 192.168.1.0 network outgoing to 172.16.0.0 and 192.168.99.0 as one ip adress in the 192.168.2.0 network so the router at 192.168.2.254 will not see the real 192.168.1.0 address

I already NAT the traffic of the 192.168.1.0 to the outside interface (FE0)

Here's a part of the config


!
interface FastEthernet0
 description $ES_WAN$
 ip address dhcp client-id FastEthernet0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
 switchport access vlan 2
!
interface FastEthernet6
 switchport access vlan 2
!
interface FastEthernet7
 switchport access vlan 2
!
interface FastEthernet8
 switchport access vlan 2
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
 ip address 192.168.1.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 Vlan1 permanent
ip route 192.168.2.0 255.255.255.0 Vlan2 permanent
ip route 172.16.0.0 255.255.0.0 192.168.2.254 permanent
ip route 192.168.99.0 255.255.255.0 192.168.2.254 permanent
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet0 overload
!


0
Comment
Question by:fox54
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 8

Expert Comment

by:MrJemson
ID: 22802101
Change:
interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly

To:

interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat outside
 ip virtual-reassembly
0
 

Author Comment

by:fox54
ID: 22802344
I think that it will NAT the traffic from 192.168.1.0 to 192.168.2.0  ???
i need only to NAT traffic from 192.168.1.0 to 172.16.0.0. and 192.168.99.0 (using router on 192.168.2.254)

The traffic from 192.168.1.0 to 192.168.2.0 must not be NAT

Will the traffic from 192.168.2.0 continue to be NAT when going out on FE0 ??

0
 
LVL 8

Accepted Solution

by:
MrJemson earned 500 total points
ID: 22809011
Hello,

I believe I misunderstood your intentions.
I now believe you are tyring to do the following:

Route traffic to the 172.16.0.0 and 192.168.99.0 networks, via 192.168.2.254, but NAT the traffic?

This cannot be done without NAT'ing the entire 192.168.1.0 subnet to the 192.168.2.0 network.
If you must not NAT between 192.168.2.0 and 192.168.1.0, im afraid you are out of luck.

However, if you can NAT .1.0 to .2.0, to answer your earlier question, Yes, you will still NAT out FE0.
0
 

Author Closing Comment

by:fox54
ID: 31509844
Well i think i will be out of luck then
I will be able to live with it
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question