Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Cisco: NAT - OpenDNS

Posted on 2013-01-30
Medium Priority
Last Modified: 2013-01-31
I have 5 external IPs - Primary Secondary on Cisco 2800

For OpenDNS to work it must see the WAN side IP of inbound DNS request. To have multiple filtering rules I need to use one WAN side IP per subnet translated.

The issues I have is that I can only get the system to see the WAN side address if I use a local DNS server NAT that to the WAN side IP....

What I want to do is skip the internal DNS server and have the DHCP give out the public DNS server IPs then have the entire subnet look like it's coming from the WAN side IP.

I want / 24 to translate to and  / 24 translating to

ip nat pool cahs_guest netmask
ip nat pool cahs netmask

ip nat inside source list 1 pool cahs  overload
ip nat inside source list 2 pool cahs_guest overload

Then I have the subnets in the pool.

The only way it is working is with:

ip nat inside source static
Question by:jpcoon
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 15

Assisted Solution

Frabble earned 500 total points
ID: 38837646
Presumably you also have:
access-list 1 permit ip
access-list 2 permit ip

and ip nat inside, ip nat outside on the required interfaces.

This should work. When you're attempting connections, what is the output from:
show ip nat translations
LVL 20

Accepted Solution

rauenpc earned 500 total points
ID: 38838104

Author Comment

ID: 38841231
There was a typo in my ip nat pool statement

Author Closing Comment

ID: 38841233
Thanks for the direction

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question