Creating a second nat

I currently have one NAT (PAT) address for all traffic egressing a site via a 3845 router with Zone Firewalling.  The NAT is using the IP address on the external interface.  I want to create a separate NAT for users of my guest VLAN who will be in the subnet.  They should all get natted to a different IP address than the interface IP.  Please comment if this looks good.  

My proposed change to do this:

ip nat inside source route-map SDM_RMAP_2 pool guestpool overload

ip nat pool guestpool prefix-length 27

route-map SDM_RMAP_2 permit 1
 match ip address GuestNAT

ip access-list extended GuestNat
permit ip

The EXISTING configuration:  

interface GigabitEthernet0/0
 description ***** Public Gateway*****$ES_LAN$$FW_OUTSIDE$$ETH-WAN$
 ip address
 ip nat outside
 zone-member security out-zone

ip nat inside source route-map SDM_RMAP_1 interface GigabitEthernet0/0 overload

route-map SDM_RMAP_1 permit 1
 match ip address NatTraffic

ip access-list extended NatTraffic
 remark Traffic to be Natted
 remark CCP_ACL Category=2
 permit ip any
amigan_99Network EngineerAsked:
Who is Participating?
602650528Connect With a Mentor Commented:
Perfect. This should work
amigan_99Network EngineerAuthor Commented:
Haha.  Yep - and so it did!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.