Re: dynamic NAT and PAT on IOS

From: Tauseef Khan <tasneemjan_at_googlemail.com>
Date: Thu, 3 Oct 2013 11:48:22 +0100

Thanks Prince. That's ideally what I want, but as previously mentioned, in 12.4
you can't have 2 <ip nat inside> statements. The concluded config from your
above config will only be

ip nat inside source list LAN_TRAFFIC interface g0/0 overload

This command will overwrite any previous ip nat inside statement.

Secondly, if I NAT to a pool with overload it will PAT but not load
balance across all the pool IP addresses, i.e. it will first PAT 65000 IPs to
the first IP from the pool, then to the second IP, and so on and so forth.

Kind regards

Tauseef
mobile: +44 7837209187

On 3 October 2013 11:38, Prince Emirate <begeieia_at_googlemail.com> wrote:

> Tauseef,
>
> I'm not sure whether this will suffice for your requirement....
>
> ip nat pool FIX-ME 204.12.1.1 204.12.1.31 prefix-length 27
> !
> ip access-list extended SERVER_TRAFFIC
>  permit ip 155.1.1.0 0.0.0.31 any
>  deny ip any any
> !
> ip nat inside source list SERVER_TRAFFIC pool FIX-ME
> !
> ip access-list extended LAN_TRAFFIC
>  permit ip 155.1.1.32 0.0.0.31 any
>  permit ip 155.1.1.64 0.0.0.31 any
> !
> ip nat inside source list LAN_TRAFFIC interface g0/0 overload
>
>
>
> Experts, kindly correct me if I'm wrong.
>
>
>
>
>
> ABDULLAHI BEGE
> Snr. Network Engineer.
> CCIE# 37630 RnS.
>
>
> On Wed, Oct 2, 2013 at 11:46 PM, Joe Sanchez <marco207p_at_gmail.com> wrote:
>
>> Give an example of what you want, because it is doable based on what
>> I've seen so far.
>>
>> Regards,
>> Joe Sanchez
>>
>> ( please excuse the brevity of this email as it was sent via a mobile
>> device. Please excuse misspelled words or sentence structure.)
>>
>> On Oct 2, 2013, at 9:28 AM, Tauseef Khan <tasneemjan_at_googlemail.com>
>> wrote:
>>
>> > Yes, you are right Prince, but what I am looking to do is 1-1 NAT to a /27
>> > pool and the rest PAT to the public interface IP address like on ASA, which
>> > looks not achievable on up to IOS 12.4. Not sure about 15.x but I will
>> > test that.
>> >
>> > Kind regards
>> >
>> > Tauseef
>> > mobile: +44 7837209187
>> >
>> >
>> > On 2 October 2013 13:49, Prince Emirate <begeieia_at_googlemail.com> wrote:
>> >
>> >> In general I think already PAT to the public IP address since it's a /24
>> >> to 10 public addresses. That's 65535 open connections from internal to a
>> >> single public address. Frankly I hardly believe you will exhaust the
>> >> public address.
>> >> I have a deployment of 10.0.0.0/8 to a /29 public, and we still reserved
>> >> some for static NAT.
>> >>
>> >> Kindly correct me, experts, if I'm wrong.
>> >> On 1 Oct 2013 12:05, "Sadiq Yakasai" <sadiqtanko_at_gmail.com> wrote:
>> >>
>> >>> See link below. A lot of examples but none of which is exact to what you
>> >>> are asking for:
>> >>>
>> >>> http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/12-4/iadnat-addr-consv.html#GUID-2B90342E-DFEE-4593-A4A9-47A17A657ACC
>> >>>
>> >>>
>> >>>
>> >>> On Tue, Oct 1, 2013 at 11:44 AM, Tauseef Khan <tasneemjan_at_googlemail.com> wrote:
>> >>>
>> >>>> Can you have multiple <ip nat inside> statements? I don't think
>> >>>>
>> >>>> Kind regards
>> >>>>
>> >>>> Tauseef
>> >>>> mobile: +44 7837209187
>> >>>>
>> >>>>
>> >>>> On 1 October 2013 11:16, Sadiq Yakasai <sadiqtanko_at_gmail.com> wrote:
>> >>>>
>> >>>>> I haven't done NAT on IOS in a while but my first reaction to your query
>> >>>>> would be, yes.
>> >>>>>
>> >>>>> How about creating a second NAT statement for overloading the interface
>> >>>>> after the first one that references the pool? Of course, you want to test
>> >>>>> this out! ;-)
>> >>>>>
>> >>>>> HTH a bit.
>> >>>>>
>> >>>>> Sadiq
>> >>>>>
>> >>>>>
>> >>>>> On Tue, Oct 1, 2013 at 11:03 AM, Tauseef Khan <tasneemjan_at_googlemail.com> wrote:
>> >>>>>
>> >>>>>> Appreciate if someone could clarify. Is it possible to configure NAT and
>> >>>>>> PAT simultaneously on IOS 12.4x?
>> >>>>>>
>> >>>>>> I need to NAT the internal /24 to a pool of 10 public IP addresses and the
>> >>>>>> rest to the public interface IP address of the router, so that when the 10
>> >>>>>> address pool is exhausted the rest of the internal IPs are PATed to the
>> >>>>>> interface IP address of the router, like on ASA firewalls.
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>> Kind regards
>> >>>>>>
>> >>>>>> Tauseef
>> >>>>>> mobile: +44 7837209187
>> >>>>>>
>> >>>>>>
>> >>>>>> Blogs and organic groups at http://www.ccie.net
>> >>>>>> _______________________________________________________________________
>> >>>>>> Subscription information may be found at:
>> >>>>>> http://www.groupstudy.com/list/CCIELab.html
>> >>>>>
>> >>>>>
>> >>>>> --
>> >>>>> CCIEx2 (R&S|Sec) #19963
>> >>>
>> >>>
>> >>> --
>> >>> CCIEx2 (R&S|Sec) #19963
>> >>>
>> >>>
>> >
>> >

Received on Thu Oct 03 2013 - 11:48:22 ART
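
An added illustration, not part of the original thread and not IOS or ASA code: a small Python model of the two allocation behaviours discussed above, the one the original poster asks for (1:1 NAT from the pool until it is exhausted, then PAT on the interface address) and the overloaded-pool behaviour as described in the reply (fill one pool address, then move to the next). The interface address 204.12.1.100, the sample flows and all function names are constructed for the example.

```python
"""Model of the two NAT allocation behaviours described in the thread.
Illustration only: this is not how IOS or ASA is implemented."""

PORTS_PER_ADDRESS = 65000   # per-address figure quoted in the thread
FIRST_PORT = 1              # assumption: the model hands out ports from 1

def pool_then_interface_pat(flows, pool, interface_ip):
    """1:1 NAT per inside host while pool addresses remain, then PAT
    every further host's flows onto the interface address."""
    free = list(pool)
    host_to_public = {}          # inside host -> dedicated pool address
    xlate = {}                   # (inside ip, port) -> (public ip, port)
    next_port = FIRST_PORT
    for host, sport in flows:
        if host not in host_to_public and free:
            host_to_public[host] = free.pop(0)
        if host in host_to_public:
            # 1:1 translation: only the address changes, the port is kept
            xlate[(host, sport)] = (host_to_public[host], sport)
        else:
            # pool exhausted: share the interface address, one port per flow
            xlate[(host, sport)] = (interface_ip, next_port)
            next_port += 1
    return xlate

def pool_overload(flows, pool, ports_per_address=PORTS_PER_ADDRESS):
    """Overloaded pool as described in the reply: use up the ports of the
    first pool address before moving to the second, and so on."""
    xlate = {}
    for n, flow in enumerate(flows):
        index, offset = divmod(n, ports_per_address)
        if index >= len(pool):
            raise RuntimeError("pool addresses and ports exhausted")
        xlate[flow] = (pool[index], FIRST_PORT + offset)
    return xlate

# Constructed sample: two pool addresses, three inside hosts, four flows.
SAMPLE_POOL = ["204.12.1.1", "204.12.1.2"]
SAMPLE_INTERFACE_IP = "204.12.1.100"          # constructed, not from the thread
SAMPLE_FLOWS = [("155.1.1.10", 40000), ("155.1.1.11", 40000),
                ("155.1.1.12", 40000), ("155.1.1.10", 40001)]

if __name__ == "__main__":
    tables = (pool_then_interface_pat(SAMPLE_FLOWS, SAMPLE_POOL, SAMPLE_INTERFACE_IP),
              pool_overload(SAMPLE_FLOWS, SAMPLE_POOL, ports_per_address=3))
    for table in tables:
        for inside, outside in table.items():
            print(inside, "->", outside)
        print()
```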

This archive was generated by hypermail 2.2.0 : Fri Nov 01 2013 - 07:35:39 ART