Help nat rules

spivy66

MIS
Nov 8, 2002
150
US
Can someone help create a nat rule..

I have two interfaces on my 2600

fasteth0/1 192.168.2.2
fasteth0/0 192.168.1.10

I want all traffic coming from 192.168.2.2 interface
to look like it's from fasteth0/0 192.168.1.10...
the default gateway resort is 192.168.1.1.

thank you
 

Hello,
Right now I have my firewall doing the routing between these subnets. I want to take the firewall out of the picture and have the firewall act as a firewall only, so by creating a nat rule all traffic for will look like it's coming from 192.168.1.10. I'll have all my users with a 192.168.2.0/24 address look like they're coming from 192.168.1.10.


so here's my config now

cisco 2600
f0/0 192.168.1.10
f0/1 192.168.2.2


firewall has route as 192.168.2.0/24 --->192.168.1.10
firewall also has a interface 192.168.2.1


on the cisco 2600 I also have dhcp server setup

ip dhcp pool wwdfv
 network 192.168.2.0 255.255.255.0
 dns-server xxxxxx
 default-router 192.168.2.2
 domain-name xxxx.com
 lease infinite
!
interface FastEthernet0/0
 ip address 192.168.1.10 255.255.255.0
 ip nat outside
 speed 100
 full-duplex
!
interface FastEthernet0/1
 ip address 192.168.2.2 255.255.255.0
 ip nat inside
 speed 100
 full-duplex
!
ip nat inside source static 192.168.2.2 192.168.1.10
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1


so I just want to get the firewall out of the picture. If what I said can't be done I am open to any options.

Thank you for your response.


 
Your configuration isn't making sense as you are using the router for routing, so why wouldn't the firewall be a firewall?
 
the config doesn't need to make sense to us..
so here is what you need

access-list 1 permit 192.168.2.0 0.0.0.255
ip nat inside source list 1 interface fa0/0 overload

if access-list 1 is in use just use some other number...
with these commands everything that leaves your router will look like it came from your 192.168.1.10 ip.
if you want to add more subnets later on.. they have to be added to the access-list or else they will not get natted.
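
An added example, not part of the thread and not Cisco code: a simplified Python model of the overload rule in the reply above, showing how the ACL wildcard mask decides which sources get translated and how several inside hosts share 192.168.1.10 on distinct ports. The host addresses 192.168.2.50, 192.168.2.51 and 192.168.3.7, the port numbers, and the port-allocation logic are assumptions made for illustration.

```python
import ipaddress


def acl_permits(src, acl):
    """Standard-ACL match: bits set in the wildcard mask are 'don't care'."""
    s = int(ipaddress.IPv4Address(src))
    for base, wildcard in acl:
        b = int(ipaddress.IPv4Address(base))
        care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
        if (s & care) == (b & care):
            return True
    return False  # implicit deny at the end of every ACL


class OverloadNat:
    """Simplified model of 'ip nat inside source list N interface X overload'."""

    def __init__(self, acl, outside_ip):
        self.acl = acl
        self.outside_ip = outside_ip
        self.table = {}    # (inside_ip, inside_port) -> outside_port
        self.used = set()  # outside ports already allocated

    def translate(self, src_ip, src_port):
        if not acl_permits(src_ip, self.acl):
            return (src_ip, src_port)  # not in the ACL: leaves untranslated
        key = (src_ip, src_port)
        if key not in self.table:
            port = src_port            # try to keep the original port
            while port in self.used:   # clash with another inside host
                port = port + 1 if port < 65535 else 1024
            self.used.add(port)
            self.table[key] = port
        return (self.outside_ip, self.table[key])


def demo():
    # access-list 1 permit 192.168.2.0 0.0.0.255, outside address of fa0/0
    nat = OverloadNat([("192.168.2.0", "0.0.0.255")], "192.168.1.10")
    flows = [                   # constructed sample flows
        ("192.168.2.50", 40000),
        ("192.168.2.51", 40000),  # same source port as the first host
        ("192.168.3.7", 40000),   # later subnet, not yet in the ACL
    ]
    return [nat.translate(ip, port) for ip, port in flows]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The third flow keeps its 192.168.3.7 source address, which is the case the reply warns about when a new subnet is not added to the access list.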
 