Creating a second nat

Posted on 2012-08-22
Last Modified: 2012-08-25
I currently have one NAT (PAT) address for all traffic egressing a site via a 3845 router with Zone Firewalling.  The NAT is using the IP address on the external interface.  I want to create a separate NAT for users of my guest VLAN who will be in the subnet.  They should all get natted to a different IP address than the interface IP.  Please comment if this looks good.  

My proposed change to do this:

ip nat inside source route-map SDM_RMAP_2 pool guestpool overload

ip nat pool guestpool prefix-length 27

route-map SDM_RMAP_2 permit 1
 match ip address GuestNAT

ip access-list extended GuestNat
permit ip

The EXISTING configuration:  

interface GigabitEthernet0/0
 description ***** Public Gateway*****$ES_LAN$$FW_OUTSIDE$$ETH-WAN$
 ip address
 ip nat outside
 zone-member security out-zone

ip nat inside source route-map SDM_RMAP_1 interface GigabitEthernet0/0 overload

route-map SDM_RMAP_1 permit 1
 match ip address NatTraffic

ip access-list extended NatTraffic
 remark Traffic to be Natted
 remark CCP_ACL Category=2
 permit ip any
Question by:amigan_99
    LVL 6

    Accepted Solution

    Perfect. This should work
    LVL 1

    Author Closing Comment

    Haha.  Yep - and so it did!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
    Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now