
Force source interface.

olafmarcos

Hi NetPros:

Is there any way to force the outbound interface of the router?

I mean, when the router does ping, DNS, queries, NTP, etc., it does it with the interface nearest to the destination, doesn't it?

I need the router to do queries, pings, and so on with the internal private IP as source and later NAT to the inside public IP.

Any advice?

Thanks in advance and best regards,

Olaf


mohammedmahmoud

Hi,

For ping, use "ping ip source ".

Other services, like TACACS for example, can control the source interface with "ip tacacs source-interface <>".

HTH,

Mohammed Mahmoud.

Hi Mohammed:

I need this because the router is a DNS server and it does queries unattended. I need to force the source interface all the time.

Thanks and regards,

Olaf

I've never come across a way to force source-interface for DNS on Cisco routers (in fact, I've never come across a Cisco router being used as a DNS server!). I tried searching Cisco's doco, as well as trying several commands on an actual router. No joy.

However, most other protocols in Cisco routers have specific commands to force their source-interface. E.g.:

- NTP: ntp source

- SNMP Trap: snmp-server trap-source

- TFTP: ip tftp source-interface

- FTP: ip ftp source-interface

- SSH: ip ssh source-interface

- TACACS: ip tacacs source-interface

- RADIUS: ip radius source-interface

etc. etc. etc.

HTH
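Added example, not part of the original thread: a small Python audit that reports, for each protocol in the list above, whether a configuration pins its source interface. The function name, the sample configuration and the "service in use" commands (`ntp server`, `snmp-server host`, `tacacs-server host`, `radius-server host`) are assumptions based on classic IOS syntax, not taken from the posts.

```python
# Added example: audit an IOS-style config for the source-interface
# commands listed in the post above.

# protocol -> (command that pins the source, command showing the service is in use)
# The "in use" commands are assumed classic IOS syntax, not taken from the thread;
# None means the config alone does not show whether the router uses the protocol.
CHECKS = {
    "NTP": ("ntp source", "ntp server"),
    "SNMP Trap": ("snmp-server trap-source", "snmp-server host"),
    "TFTP": ("ip tftp source-interface", None),
    "FTP": ("ip ftp source-interface", None),
    "SSH": ("ip ssh source-interface", None),
    "TACACS": ("ip tacacs source-interface", "tacacs-server host"),
    "RADIUS": ("ip radius source-interface", "radius-server host"),
}

# Constructed sample configuration (documentation addresses, made-up names).
SAMPLE_CONFIG = """\
interface Loopback0
 ip address 192.168.1.1 255.255.255.255
!
ntp source Loopback0
ntp server 192.0.2.10
snmp-server host 192.0.2.20 version 2c EXAMPLE
ip ssh source-interface Loopback0
tacacs-server host 192.0.2.30
ip tacacs source-interface Loopback0
no ip ftp source-interface
"""

def audit_source_interfaces(config_text):
    """Map each protocol to 'pinned:<interface>', 'unpinned' or 'unused'."""
    # Source commands are global, so skip indented sub-mode lines. A negated
    # "no ..." line never matches a prefix, so it correctly counts as not pinned.
    lines = [ln.rstrip() for ln in config_text.splitlines() if ln and not ln[0].isspace()]
    report = {}
    for proto, (source_cmd, in_use_cmd) in CHECKS.items():
        pinned = [ln[len(source_cmd):].strip() for ln in lines if ln.startswith(source_cmd + " ")]
        in_use = in_use_cmd is None or any(ln.startswith(in_use_cmd + " ") for ln in lines)
        if pinned:
            report[proto] = "pinned:" + pinned[-1]
        elif in_use:
            report[proto] = "unpinned"
        else:
            report[proto] = "unused"
    return report

if __name__ == "__main__":
    for proto, status in audit_source_interfaces(SAMPLE_CONFIG).items():
        print(f"{proto:10} {status}")
```

An "unpinned" result means the protocol's traffic leaves with the address of whichever interface is nearest to the destination, which is the behaviour the original question describes.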

I saw the option to force the source interface of other protocols, but Cisco has the built-in DNS server (proxy server), so why not use it?

I remember another issue updating the DynDNS IP because of not being able to force the source interface.

This necessity is due to needing to map a range of ports to an internal server. I need an ip nat:

ip nat inside source static PrivateIP PublicIP/Interface

I only have one public IP. The router's DNS queries or any other access to the Internet are done with the IP of the nearest interface (PublicIP). And due to the ip nat statement, all replies are NATted to the internal server, so the router has no access.

I posted another conversation and the result is that this approach is not possible with Cisco (when "every cheap" router does).

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf197d

Any advice?

Thanks and best regards,

Olaf

Sorry Olaf... I don't have much experience with NAT-ing on Cisco routers (been using Firewalls mostly). But, I was thinking... maybe unnumbered interface may help somehow?

I'll try your suggestion. Any configuration example?

I thought of a loopback interface too.

Regards,
