Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
763
Views
0
Helpful
1
Replies

NAT with Backup Interface on 871

feliciogs
Level 1
Level 1

‎05-30-2008 07:48 PM - edited ‎03-05-2019 11:20 PM

I had a 871 between a LAN and two networks one Outside and another "inside" (different sub-net) LAN provided by an outdoor wireless device.

I need to NAT inside LAN to Outside while the outdoor wireless stay up, but if the wireless goes down I need to NAT a specific "inside" address to make transparent to clients the change. As in the draft below I need when the Desktop (10.5.1.111) try to connect to Server (10.1.1.239) during a Wireless fail the Server address (10.1.1.239) be "NATTED" to 172.16.1.1. The Desktop default gateway is the 871.

I'm trying to detect wireless down creating an additional VLAN interface as backup interface for VLAN1.

I was able to NAT the Outside network and route packets while inside network is connected to VLAN1, but when I connect the inside network to VLAN2 I start to lost packets.

Anyone has any idea what I'm doing wrong ? My objective is reachable ?

A draft of my connections (copy&paste to notepad w/ "Fixesys" font to see correct ident):

.........................* Desktop *

.........................(10.5.1.111)

..............................|

---------------------------------------

.....|........................|

(10.5.1.253).............(Unnumbered)

*** 871 ***..............* Wireless *

(172.16.5.253)...........** Bridge **

.....|.......................\ /

(172.16.5.1).................\ /

*WAN Cloud*...................|

(172.16.1.5)................./ \

.....|......................./ \

(172.16.1.1)............* Wireless *

*** NAT ***.............** Bridge **

(10.1.1.3)..............(Unnumbered)

.....|........................|

.....|..................(10.5.1.254)

.....|..................*L3 Switch*

.....|..................(10.1.1.254)

---------------------------------------

................|

.............Server

..........(10.1.1.239)

What I had done at 871:

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

switchport access vlan 2

!

interface FastEthernet3

switchport access vlan 2

!

interface FastEthernet4

ip address 172.16.5.253 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Vlan1

backup delay 10 30

backup interface Vlan2

ip address 10.5.1.253 255.255.255.0

ip nat inside

no ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface Vlan2

ip address 10.5.1.253 255.255.255.0

ip nat inside

no ip virtual-reassembly

ip tcp adjust-mss 1452

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Vlan1 10.5.1.254

ip route 0.0.0.0 0.0.0.0 Vlan2 172.16.5.1 250

ip route 172.16.1.0 255.255.255.240 FastEthernet4 172.16.5.1

!

ip nat pool IPVPN_UN05 172.16.5.2 172.16.5.252 prefix-length 24 type match-host

ip nat inside source list 100 pool IPVPN_UN05

!

access-list 100 permit ip 10.5.0.0 0.0.255.255 172.16.0.0 0.0.255.255

no cdp run

TIA,

Felicio Santos

Labels:
0 Helpful
1 Reply 1

tstanik
Level 5
Level 5

‎06-05-2008 02:21 PM

Here is the URL for the NAT Support for Multiple Pools Using Route Maps guide with configuration which will help you :

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card