From: Harris, Joe F (Joe_Harris@xxxxxxxxxxxx)
Date: Wed Nov 28 2001 - 13:21:01 GMT-3
Sure it is... I would however recommend doing it with route-maps. You can
use route-maps with a dynamic NAT pool translations or you can use
route-maps with static NAT translations. When do the translations using a
route-map a fully extended translation takes place as oppossed to a simple
translation entry. In your case as I mentioned you can use static or dynamic
NAT, I have included an example of both for you.
DYNAMIC TRANSLATION
!
interface Serial2/0
!CONNECTION TO 1st ISP
ip address 192.168.20.1 255.255.255.0
ip nat outside
!
interface Serial3/0
!CONNECTION TO 2nd ISP
ip address 192.168.30.1 255.255.255.0
ip nat outside
!
interface Ethernet1/0
!INSIDE LOCAL NETWORK
ip address 10.10.10.1 255.255.255.0
ip nat inside
duplex full
speed 100
!
ip route 20.20.20.0 255.255.255.0 192.168.20.2
ip route 30.30.30.0 255.255.255.0 192.168.30.2
!
ip nat pool network-20 192.168.20.20 192.168.20.254 prefix-length 24
ip nat pool network-30 192.168.30.20 192.168.30.254 prefix-length 24
!
ip nat inside source route-map network2 pool network-20
ip nat inside source route-map network3 pool network-30
!
access-list 101 permit ip 10.10.10.0 0.0.0.255 20.20.20.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 30.30.30.0 0.0.0.255
!
route-map network2 permit 10
match ip address 101
set ip next-hop 192.168.20.2
!
route-map network3 permit 10
match ip address 102
set ip next-hop 192.168.30.2
STATIC TRANSLATION
!
interface Serial2/0
!CONNECTION TO 1st ISP
ip address 192.168.20.1 255.255.255.0
ip nat outside
!
interface Serial3/0
!CONNECTION TO 2nd ISP
ip address 192.168.30.1 255.255.255.0
ip nat outside
!
interface Ethernet1/0
!INSIDE LOCAL NETWORK
ip address 10.10.10.1 255.255.255.0
ip nat inside
duplex full
speed 100
!
ip route 20.20.20.0 255.255.255.0 192.168.20.2
ip route 30.30.30.0 255.255.255.0 192.168.30.2
!
ip nat inside source static 10.10.10.43 192.168.20.2 route-map network2
ip nat inside source static 10.10.10.43 192.168.30.2 route-map network3
ip nat inside source static 10.10.10.65 192.168.20.3 route-map network2
ip nat inside source static 10.10.10.65 192.168.30.3 route-map network3
access-list 101 permit ip 10.10.10.0 0.0.0.255 20.20.20.0 0.0.0.255
access-list 102 permit ip 10.10.10.0 0.0.0.255 30.30.30.0 0.0.0.255
!
route-map network2 permit 10
match ip address 101
set ip next-hop 192.168.20.2
!
route-map network3 permit 10
match ip address 102
set ip next-hop 192.168.30.2
-----Original Message-----
From: Courtney Alexander Foster [mailto:cfoster@cnr.edu]
Sent: Wednesday, November 28, 2001 9:24 AM
To: Davis, David; ccielab@groupstudy.com
Subject: RE: Is it okay to have 2 NAT Outside interfaces on the same
router?
should be fine...as long as you have a different NAT pool for each
one...
-----Original Message-----
From: Davis, David
Sent: Wed 11/28/2001 9:00 AM
To: ccielab@groupstudy.com
Cc:
Subject: Is it okay to have 2 NAT Outside interfaces on the same
router?
In my configuration, I have two connections to the Internet,
each with
an ip nat outside statement. My Ethernet interface on the
internal
network has an ip nat inside statement.
Is it okay to have two ip nat outside statements on different
interfaces
on the same router?
Thanks,
David
This archive was generated by hypermail 2.1.4 : Fri Jun 21 2002 - 06:45:24 GMT-3