use PAT and static nat at the same time as inside and global nat interface

I've setup a network consisting a "AUTOMAÇÃO->Automation" lan, "Rede interna->Internal network" and the WAN (f0/1). Every device is cisco except 200A (fortigate).

Everyone on internal network must access internet using PAT but automation should not. On the 200A router side, there is a GRE tunnel to 1905-sec router and clients from which network can access each other. So, I need to map an internal IP from "Internal networw" on 1905-sec router to translate that into a internal IP on automation network.

  • Internal network 1905-sec: 192.168.21.0/24
  • Automation network 1905-sec: 192.168.250.0/24
  • Internal network 200A: 192.168.14.0/24

f0/1 is outside nat, f0/0 is inside nat. Since I have to map a IP of internal network 192.168.21.1 to be translated into 192.168.250.1 and routed to f1/0 I can't make f0/0 be outside and inside at the same time.

How can I use PAT for normal operating mode and static nat to translate 192.168.21.1 as a global address and 192.168.250.1 as a inside address witout messing with PAT?

EDIT: I did it! I used NVI. checkout the solution: http://www.ciscozine.com/nat-virtual-interface-aka-nvi-what-is-that/

enter image description here

Leave Your Comment

Leave a Reply