Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

NAT and route between VLAN

Posted on 2008-10-24
4
Medium Priority
?
784 Views
Last Modified: 2010-04-21
Hi,

i need to NAT traffic coming from the 192.168.1.0 network outgoing to 172.16.0.0 and 192.168.99.0 as one ip adress in the 192.168.2.0 network so the router at 192.168.2.254 will not see the real 192.168.1.0 address

I already NAT the traffic of the 192.168.1.0 to the outside interface (FE0)

Here's a part of the config


!
interface FastEthernet0
 description $ES_WAN$
 ip address dhcp client-id FastEthernet0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
 switchport access vlan 2
!
interface FastEthernet6
 switchport access vlan 2
!
interface FastEthernet7
 switchport access vlan 2
!
interface FastEthernet8
 switchport access vlan 2
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
 ip address 192.168.1.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 Vlan1 permanent
ip route 192.168.2.0 255.255.255.0 Vlan2 permanent
ip route 172.16.0.0 255.255.0.0 192.168.2.254 permanent
ip route 192.168.99.0 255.255.255.0 192.168.2.254 permanent
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet0 overload
!


0
Comment
Question by:fox54
  • 2
  • 2
4 Comments
 
LVL 8

Expert Comment

by:MrJemson
ID: 22802101
Change:
interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly

To:

interface Vlan2
 ip address 192.168.2.253 255.255.255.0
 ip nat outside
 ip virtual-reassembly
0
 

Author Comment

by:fox54
ID: 22802344
I think that it will NAT the traffic from 192.168.1.0 to 192.168.2.0  ???
i need only to NAT traffic from 192.168.1.0 to 172.16.0.0. and 192.168.99.0 (using router on 192.168.2.254)

The traffic from 192.168.1.0 to 192.168.2.0 must not be NAT

Will the traffic from 192.168.2.0 continue to be NAT when going out on FE0 ??

0
 
LVL 8

Accepted Solution

by:
MrJemson earned 500 total points
ID: 22809011
Hello,

I believe I misunderstood your intentions.
I now believe you are tyring to do the following:

Route traffic to the 172.16.0.0 and 192.168.99.0 networks, via 192.168.2.254, but NAT the traffic?

This cannot be done without NAT'ing the entire 192.168.1.0 subnet to the 192.168.2.0 network.
If you must not NAT between 192.168.2.0 and 192.168.1.0, im afraid you are out of luck.

However, if you can NAT .1.0 to .2.0, to answer your earlier question, Yes, you will still NAT out FE0.
0
 

Author Closing Comment

by:fox54
ID: 31509844
Well i think i will be out of luck then
I will be able to live with it
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question