Hello ..
I have 2 networks connected VIA VPN. I have a statement which looks like:
ip nat inside source list 101 interface FastEthernet0/1 overload
This statement is for traffic destined out the f0/0 interface. It has to look like its from the sources address of 10.10.1.1.
This all works well with no problem, but I have a problem which i need to add another nat statement that is somewhat a conflict. I need to nat for a server which has a source address of a server on the f0/1 interface which is 10.10.1.4.
In other words, traffic going out interface f0/0 must be from a source address of 10.10.1.4, which is a host on f0/1. When i tried adding the nat statement all connectivity to that server was lost for some reason. The host i'm trying to nat for is over the vpn and has an address of 10.10.16.45. The challenge is to nat for that host using a hosts address on the other side of the vpn (config below).
Below is the relevant parts of my config:
! interface FastEthernet0/0 description To The X Network ip address 192.168.16.1 255.255.255.0 ip access-group 110 in ip nat outside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet0/1 description Network devices going to X network ip address 10.10.1.1 255.255.255.0 ip access-group 101 in ip nat outside ip virtual-reassembly duplex auto speed auto
ip nat inside source list 161 interface FastEthernet0/1 overload
access-list 161 permit ip 10.10.16.0 0.0.0.255 10.10.20.0 0.0.255.255 access-list 161 permit ip 10.10.16.0 0.0.0.255 10.11.20.0 0.0.255.255
ip route 10.10.20.0 0.0.255.255 192.168.16.1 ip route 10.11.20.0 0.0.255.255 192.168.16.1
Any help is appreciated ..
GNY