NAT and route between VLAN

Hi,

i need to NAT traffic coming from the 192.168.1.0 network outgoing to 172.16.0.0 and 192.168.99.0 as one ip adress in the 192.168.2.0 network so the router at 192.168.2.254 will not see the real 192.168.1.0 address

I already NAT the traffic of the 192.168.1.0 to the outside interface (FE0)

Here's a part of the config


!
interface FastEthernet0
 description $ES_WAN$
 ip address dhcp client-id FastEthernet0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
 switchport access vlan 2
!
interface FastEthernet6
 switchport access vlan 2
!
interface FastEthernet7
 switchport access vlan 2
!
interface FastEthernet8
 switchport access vlan 2
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
 ip address 192.168.1.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 Vlan1 permanent
ip route 192.168.2.0 255.255.255.0 Vlan2 permanent
ip route 172.16.0.0 255.255.0.0 192.168.2.254 permanent
ip route 192.168.99.0 255.255.255.0 192.168.2.254 permanent
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet0 overload
!


fox54Asked:
Who is Participating?
 
MrJemsonConnect With a Mentor Commented:
Hello,

I believe I misunderstood your intentions.
I now believe you are tyring to do the following:

Route traffic to the 172.16.0.0 and 192.168.99.0 networks, via 192.168.2.254, but NAT the traffic?

This cannot be done without NAT'ing the entire 192.168.1.0 subnet to the 192.168.2.0 network.
If you must not NAT between 192.168.2.0 and 192.168.1.0, im afraid you are out of luck.

However, if you can NAT .1.0 to .2.0, to answer your earlier question, Yes, you will still NAT out FE0.
0
 
MrJemsonCommented:
Change:
interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly

To:

interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat outside
 ip virtual-reassembly
0
 
fox54Author Commented:
I think that it will NAT the traffic from 192.168.1.0 to 192.168.2.0  ???
i need only to NAT traffic from 192.168.1.0 to 172.16.0.0. and 192.168.99.0 (using router on 192.168.2.254)

The traffic from 192.168.1.0 to 192.168.2.0 must not be NAT

Will the traffic from 192.168.2.0 continue to be NAT when going out on FE0 ??

0
 
fox54Author Commented:
Well i think i will be out of luck then
I will be able to live with it
0
All Courses

From novice to tech pro — start learning today.