08-03-2007 09:40 AM - edited 03-03-2019 06:10 PM
Hello Everyone,
We have a router in one of our offices that has a T1 as it's primary Internet connection and is doing PAT using overloading (using the serial0/1/0 interface address).
A new fractional T1 was installed in another serial (serial0/2/0 interface for their backup internet connection and I'm having a problem with NAT when users go out this interface.
My configuration looks like this.
access-list 10 permit 192.168.132.0 0.0.0.255
access-list 20 permit 192.168.132.0 0.0.0.255
ip nat inside source list 10 interface s0/1/0 overload
ip nat inside source list 20 interface s0/2/0 overload
int s0/1/0
desc main internet link
ip nat outside
int fa0/0
desc backup internet link
ip nat inside
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 0.0.0.0 0.0.0.0 s0/2/0 10
I tried using ACL 10 for both overload statements but it did not work so I made 2 ACLS that are identical so I can have both overload statements in the config.
I have a feeling that when the router is trying to do nat, it is still using the first overload statement (for s0/1/0).
Could someone please help me with this config? Do I need a route map or something? This office does not care about their source IP address on the Internet since no external DNS is considered so PAT is fine.
Thanks for the help.
Pete
08-03-2007 10:10 AM
You're missing some items.
int s0/2/0
ip nat outside
You could do a NAT debug and see what it is doing.
HTH and please rate.
08-03-2007 10:50 AM
Hi,
Thanks for pointing that out. I missed that in my post but did have in my configuration.
Pete
08-03-2007 10:11 AM
Hi Pete,
Can you try calling PBR in your NAT statement and see if that helps you.
Something like this
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 0.0.0.0 0.0.0.0 s0/2/0 10
!
ip nat inside source route-map
ip nat inside source route-map
!
route-map
match interface s0/1/0
!
route-map
match interface s0/2/0
Try the same and update if it worked for you.
Regards,
Ankur
09-04-2007 12:00 AM
I have had the same issue and I was calling the routemaps in my nat overload statement. I am logging TAC case for config assistance so hopefully this will be fixable, certainly a lot easier on an ASA.
09-04-2007 03:52 AM
yes it is using s0/1/0 because the corresponding default route has a lower administrative distance (0 vs. 10). If you make the routes having the same weight, traffic should pseudo-balance over the two links.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide