Hello friends, Thankyou for your answeres, but I have more doubts:
Config: ip nat inside source list 1 pool POOL overload If have understood your answers, the router start doing PAT with the first IP address and doesn't takes the next avalaible public IP address until PAT is exhausted with the first IP address, right?? But if this is the way it works I think we never use the rest of the public IP's in the pool because there are not enough clients to exhaust PAT with the first IP... I think it will be much better if the router starts doing PAT and after the pool is exhausted. I cannot do NAT 1:1 and reserve one public IP to do PAT, because I don't want to give the same IP to a set of clients and not to another... Is it really the way that "overlad" works inside a pool??? Please, I am very curious... I don't have a router to play, so I cannot test this on myself..... Thanks friends... Por favor, responda a "Adam" Enviado por: [EMAIL PROTECTED] Destinatarios: [EMAIL PROTECTED] CC: Asunto: Re: Re: PAT AFTER NAT...IS IT POSSIBLE??? [7:66672 This is what I have run into in the past and I was almost certain that it was not possible. I set it up in the lab here with various configs and had the same result. As far as I was told in the last routing update I attended at our local cisco office, the SE's there confirmed that the PIX can be defined with a NAT Pool of addresses and then have the same pool statement entered only this time specifying the same address (ie. PAT) as an overload. They confirmed that the IOS router code does not function like this and that you would have to statically NAT those addresses that you wanted 1:1 on and then have a blanket PAT (overload) statement in to cover the rest. In the case of the original question with wanting to NAT 128 clients 1:1 and then have PAT for the rest, this would require a lot of configuration and to guarantee that 1:1 would occur (or to at least keep track of it) you would require static IPs on the clients wishing to 1:1 NAT. Hope I'm not flying way offline here but I believe this is the only way possible with an IOS router. Cheers > I've found that you cannot do this, at least not when you do nat to a pool > of addresses. You have to do static nat, then overload the rest. I tried > adding overload to the end of my existing nat statment with the pool, it > started PATing the addresses from the beginning. Instead of using the 1:1 > from the pool, then pating anything beyond that. > > ""Lee Carter"" wrote in message > news:[EMAIL PROTECTED] > > Yes you can just take your nat statement (ip nat inside source list 1...) > > and add the word overload on the end of the command. > > > > You will use a 1:1 NAT for the first set of users. Once your IP's are used > > up you will use PAT. It is important to note that some issues arise with > PAT > > versus NAT like IPSEC or DLSW. > > > > just an fyi. -- Composed with Newz Crawler 1.3 http://www.newzcrawler.com/ [EMAIL PROTECTED] ___________________________________________________ Yahoo! Messenger - Nueva versisn GRATIS Super Webcam, voz, caritas animadas, y mas... http://messenger.yahoo.es Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66734&t=66734 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]