Announcement

Collapse
No announcement yet.

IP NAT Pool

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • IP NAT Pool

    amidoinitrite?

    I currently have: (truncated)

    interface FastEthernet4
    description $ETH-WAN$
    ip address 115.70.X.Y 255.255.255.254
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    interface Vlan1
    ip address 192.168.X.254 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    !
    !
    ip nat inside source list 1 interface FastEthernet4 overloard
    access-list 1 permit 192.168.X.0 0.0.0.255

    I have an additional /29 I want to use.

    Would the following give me an adequate NAT pool:

    ip nat pool MyPool 115.70.YYY.56 115.70.YYY.63 255.255.255.248
    no ip nat inside source list 1 interface FastEthernet4 overload
    ip nat inside source list 1 pool MyPool

    ??
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

  • #2
    Re: IP NAT Pool

    Looks good. You could use the new pool first then when that is exhausted then switch over to the overload. The order in the config would determine what is used first.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: IP NAT Pool

      thanks

      so when you say use the pool first - i'm doing about 70 internal devices out over that /29
      doesn't change things at all ?
      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

      Comment


      • #4
        Re: IP NAT Pool

        If you pool can support that many it will continue to use the pool until it is exhausted, then if you add an overload it will switch over to that.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: IP NAT Pool

          but I can do "many-to-one" using that pool ? (same as normal nat that would be in use with a single IP?")

          hmm. it didn't seem to work as an overload entry so I've rolled it back for now and will reconsider and try again tonight..
          Last edited by tehcamel; 15th April 2013, 23:55.
          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

          Comment


          • #6
            Re: IP NAT Pool

            Yes just add the overload keyword to your nat statement with the pool specified.
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: IP NAT Pool

              ok - this is kind of working.
              It's sending traffic out the 115.X.Y.57 address (which is part of the pool)
              but it seems to be only using this address.

              I'd like to make it randomly use any of them, is that possible or would I need to use ACLs to say "192.168.10.10-20 use .57, 20-30 use .58, 30-40 use .59" etc
              ?
              Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

              Comment


              • #8
                Re: IP NAT Pool

                If you want to use all addresses from the pool remove the overload keyword. Overload keyword specifies PAT. Each address can have like 65,000 pat translations.

                The acl bound to your nat statements specifies what source addresses are to be natted. If you want a source range to use a certain nat translation then you can specify what source is to use it in your acl and then link the acl to the appropriate nat statement.
                CCNA, CCNA-Security, CCNP
                CCIE Security (In Progress)

                Comment


                • #9
                  Re: IP NAT Pool

                  ok.. but without the overload, the first 6 internal addresses will get the pool addresses and eveyrthing else will miss out.. ?
                  (just so I'm understanding clearly)
                  Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                  Comment


                  • #10
                    Re: IP NAT Pool

                    Correct. If your pool is specified first then it will use that pool until it is exhausted but you can take another available address and use that for your overload. Once your pool is used up it will fall over to the overload. The order in the config determines what gets used first. Normally I use a single ip for my normal clients and use any block of addresses for servers etc...
                    CCNA, CCNA-Security, CCNP
                    CCIE Security (In Progress)

                    Comment


                    • #11
                      Re: IP NAT Pool

                      one of the block will be used for th server eventually, and one will be used for the guest vlan, but they have a problem in that they keep getting blocked from google because they use alot of automated query tools which google doens't like..so I was hoping to have them all come out via the pool, randomly.
                      ah well..
                      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                      Comment

                      Working...
                      X