Re: NAT using only a real interface?

From: Salvatore Privitera (sprivitera@telvia.it)
Date: Fri Jan 19 2001 - 10:53:39 EST


On 1/18/01 10:42 PM, "Martin, Don" <martind1@universalleaf.com> wrote:

> Subinterface example.
>
> This works on a 2620 (fast ethernet ISL trunk to a 2900 switch).
>
> !
> interface FastEthernet0/0
> no ip address
> no ip directed-broadcast
> !
> interface FastEthernet0/0.1
> encapsulation isl 2
> ip address 150.150.171.220 255.255.0.0
> ip access-group 101 in
> ip access-group 100 out
> no ip redirects
> no ip directed-broadcast
> ip nat outside
> !
> interface FastEthernet0/0.2
> encapsulation isl 5
> ip address 10.183.183.158 255.255.255.224
> ip access-group 141 in
> no ip redirects
> no ip directed-broadcast
> ip accounting access-violations
> ip nat inside
> !
> ip nat pool travel 150.150.171.218 150.150.171.219 netmask 255.255.0.0
> ip nat inside source list 1 pool travel
>
>> -----Original Message-----
>> From: Keith McCallion [SMTP:keith@mccallion.com]
>> Sent: Thursday, January 18, 2001 4:37 PM
>> To: Salvatore Privitera
>> Cc: C. Jon Larsen; Work
>> Subject: Re: NAT using only a real interface?
>>
>> On Thu, 18 Jan 2001, Salvatore Privitera wrote:
>>
>>> The problem is that whe have 2 LAN connectedto the ethernet 0/0 port,
>> one
>>> public and one private using ip secondary address and we wan to do NAT
>> on
>>> the SAME ethernet 0/0 interface!
>>
>> What about using subinterfaces instead of secondary addresses? I'm not
>> positive this will work, but, I think it is your only option of getting
>> both an inbound and outbound interface to configure, which you need for
>> NAT.
>>
>> --
>> Keith McCallion
>> keith@mccallion.com
>

It works on a 3640 using VLAN 802.10!!! thanks a lot!

Salvo



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:25 EDT