Subinterface example.
This works on a 2620 (fast ethernet ISL trunk to a 2900 switch).
!
interface FastEthernet0/0
no ip address
no ip directed-broadcast
!
interface FastEthernet0/0.1
encapsulation isl 2
ip address 150.150.171.220 255.255.0.0
ip access-group 101 in
ip access-group 100 out
no ip redirects
no ip directed-broadcast
ip nat outside
!
interface FastEthernet0/0.2
encapsulation isl 5
ip address 10.183.183.158 255.255.255.224
ip access-group 141 in
no ip redirects
no ip directed-broadcast
ip accounting access-violations
ip nat inside
!
ip nat pool travel 150.150.171.218 150.150.171.219 netmask 255.255.0.0
ip nat inside source list 1 pool travel
> -----Original Message-----
> From: Keith McCallion [SMTP:keith@mccallion.com]
> Sent: Thursday, January 18, 2001 4:37 PM
> To: Salvatore Privitera
> Cc: C. Jon Larsen; Work
> Subject: Re: NAT using only a real interface?
>
> On Thu, 18 Jan 2001, Salvatore Privitera wrote:
>
> > The problem is that whe have 2 LAN connectedto the ethernet 0/0 port,
> one
> > public and one private using ip secondary address and we wan to do NAT
> on
> > the SAME ethernet 0/0 interface!
>
> What about using subinterfaces instead of secondary addresses? I'm not
> positive this will work, but, I think it is your only option of getting
> both an inbound and outbound interface to configure, which you need for
> NAT.
>
> --
> Keith McCallion
> keith@mccallion.com
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:25 EDT