Policy NAT query

Unanswered Question
Mar 11th, 2009

Hi,

We are multi-homed with two ISPs and are load balancing with OER. We have a WAN connection to our European Data Centre where there is a third internet connection. I want to add this third connection as an OER exit link.

As this WAN Connection is not part of our BGP setup, I need to translate traffic that OER decides to route over this link to an address that is routable over the WAN. This is easily achieved with:-

access-list 103 permit ip 123.0.0.0 0.0.0.255 any
ip nat inside source list 103 interface FastEthernet0/1 overload oer

For our Mail Server, I need to ensure that a one-to-one translation is made when OER selects the WAN as the best exit, i.e. I want to translate from the Public IP of our mail server to an address routable over the WAN, only when the traffic leaves via f0/1. This is to ensure that traffic from the mail server originates from an address with a valid MX and SPF record.

I have briefly tested this using the configuration below and it seems to work, however it's not particularly elegant. Is there a neater way of achieving this?

interface Loopback1
 ip address 10.0.0.1 255.255.255.255

ip nat inside source route-map MAIL interface Loopback1 overload reversible

access-list 106 remark -- MAIL Public --
access-list 106 permit ip host 123.0.0.1 any

route-map MAIL permit 10
 match ip address 106
 match interface FastEthernet0/1

I would also like the translation to be triggered if hosts from the Internet initiate connections to the mail server via the WAN. Hopefully the reversible keyword will achieve this?

Thanks!

James
