SNAT and HSRP redundancy on two different interfaces

ioan.stan · ‎03-10-2008

Hi,

I have two HSRP routers doing dynamic NAT on two diffrent (outside) interfaces. Is it possible to map the two HSRP groups to SNAT? It seems 12.4 IOS, at least, supports only one SNAT definition.

Thanks and regards,

ioan

htarra · ‎03-14-2008

Typically in such cases we recommend customers to track the 2 interfaces on which the HSRP groups are there and associate of the HSRP groups with SNAT configs.

Prior to this feature, when the primary Hot Standby Router Protocol (HSRP) router failed, the Network Address Translation (NAT) would not work on the secondary HSRP router. This is because the Address Resolution Protocol (ARP) entries would not be updated.

To enable static NAT with HSRP support, issue the ip nat inside source static command with the redundancy keyword. This allows for high availability.

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t4/feature/guide/ftnthsrp.html

ioan.stan · ‎03-14-2008

Hi,

Thank you for your reply. My question is, is it possible to have SNAT configured on two different intertaces? Say one router has one inside interface and two "outside" interfaces. I'd do dynamic NAT on both "outside" interfaces. In addition, there is one HSRP group on each of three interfaces. When I tried to configure SNAT, I can only do it on one "oustide" interface, it seems only one SNAT can be defined per one router.

Yes, redundancy NAT, in the weblink you sent, would work for as many interfaces as I want but not with dynamic NAT.

I'd appreciate if you could help.

Thanks,

ioan