Creating a second nat

I currently have one NAT (PAT) address for all traffic egressing a site via a 3845 router with Zone Firewalling.  The NAT is using the IP address on the external interface.  I want to create a separate NAT for users of my guest VLAN who will be in the 172.16.10.0 subnet.  They should all get natted to a different IP address than the interface IP.  Please comment if this looks good.  

My proposed change to do this:

ip nat inside source route-map SDM_RMAP_2 pool guestpool overload

ip nat pool guestpool 65.11.5.163 65.11.5.163 prefix-length 27

route-map SDM_RMAP_2 permit 1
 match ip address GuestNAT

ip access-list extended GuestNat
permit ip 172.16.10.0 0.0.0.255

The EXISTING configuration:  

interface GigabitEthernet0/0
 description ***** Public Gateway*****$ES_LAN$$FW_OUTSIDE$$ETH-WAN$
 ip address 66.11.5.162 255.255.255.224
 ip nat outside
 zone-member security out-zone

ip nat inside source route-map SDM_RMAP_1 interface GigabitEthernet0/0 overload

route-map SDM_RMAP_1 permit 1
 match ip address NatTraffic
!

ip access-list extended NatTraffic
 remark Traffic to be Natted
 remark CCP_ACL Category=2
 permit ip 10.0.0.0 0.255.255.255 any
LVL 1
amigan_99Network EngineerAsked:
Who is Participating?
 
602650528Connect With a Mentor Commented:
Perfect. This should work
0
 
amigan_99Network EngineerAuthor Commented:
Haha.  Yep - and so it did!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.