Here is a working configuration right here to host a webserver on dsl
link and how to do static nat overload. Allow multiple private ip
addresses on the inside to net to one ip address on the outside.
Using 2949 out of 7506 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CiscoFW
!
logging buffered 4096 debugging
enable secret password XXXXXXXXXXXX
!
username XXXXXXXXXX
ip subnet-zero
no ip source-route
no ip finger
ip name-server XXXXXXXXXXXX
!
!
!
interface Ethernet0
description Local Lan
bandwidth 10000
ip address XXXXXXXXXXXXXXX XXXXXXXXXXXX
no ip directed-broadcast
ip nat inside
media-type 10BaseT
fair-queue 64 256 0
no cdp enable
!
interface Ethernet1
description Speakeasy Dsl 1.5/384
bandwidth 10000
ip address XXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
ip access-group 101 in
no ip directed-broadcast
ip nat outside
fair-queue 64 256 0
no cdp enable
!
interface Serial0
no ip address
no ip directed-broadcast
shutdown
no fair-queue
no cdp enable
!
ip nat pool speakeasy your assigned ip here space assigned ip here again
netmask 255.255.255.0
ip nat inside source list 1 pool speakeasy overload
ip nat inside source static tcp LAN IP ADDRESS 80 WAN IP ADDRESS 80
extendable(this is how you host a web server on dsl a static nat entry)
ip classless
ip route 0.0.0.0 0.0.0.0 your assigned default gateway goes here
!
logging trap debugging
logging XXXXXXXXXXXXXX
access-list 1 permit Local lan subnet here
access-list 10 permit Local lan subnet here log
!
line con 0
transport input none
line vty 0 4
access-class 10 in
password XXXXXXX
login
!
sntp server XXXXXXXXXX
scheduler interval 500
end
CiscoFW#
-----Original Message-----
From: Daniel Cotts [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 12, 2001 2:19 PM
To: [EMAIL PROTECTED]
Subject: NAT with one address WAS RE: Passing IPSEC packets on DSL
[7:361]
Yes. Quoting from:
http://www.cisco.com/warp/public/cc/pd/iosw/ioft/ionetn/prodlit/1195_pp.
htm
As a convenience for users wishing to translate all inside addresses to
the
address assigned to an interface on the router, the
NAT code allows one to simply name the interface when configuring the
dynamic translation rule:
ip nat inside source list interface overload
If there is no address on the interface, or it the interface is not up,
no
translation will occur.
Example:
ip nat inside source list 1 interface Serial0 overload
There are other examples on CCO. They have recently rearranged the pages
and
I can't find them.
> -----Original Message-----
> From: Hire, Ejay [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 12, 2001 12:13 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Passing IPSEC packets on DSL [7:321]
>
>
> Is there any way to do NAT on a PIX or a Cisco router if you
> only have one
> usable IP address? I perused CCO, and the most minimalistic
> NAT/PAT config
> I can find still requires 2 (1 interface, one global) addresses. The
> Linksys/Netgear jobbies do it with one IP.
>
> i.e.
>
> ISP - ISP router Ethernet (216.142.0.1 255.255.255.252) - (216.142.0.2
> 255.255.255.252) Router - Internal network.
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=369&t=369
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
