DMVPN and NAT of Spoke LAN's on Hub Router

Unanswered Question
Nov 24th, 2009

I am trying to work with a DMVPN setup where the LAN IP Networks of the Spoke routers need to be NAT'd when they arrive at the Hub router on their way into the core network. I have the DMVPN working just fine. The problem begins when I attempt to NAT by placing an ip nat inside statement on the Hub GRE Tunnel Interface used for the DMVPN network and the ip nat outside statement on the Hub gigabitEthernet interface leading to the LAN. The traffic begins to be NAT'd but after a few seconds the EIGRP neighbor between the Hub and Spoke goes down and the other end of the GRE tunnel is unable to be pinged even though it says it is up. Obviously, traffic stops flowing. When I remove the NAT statements everything starts working again. I'm thinking this may be a problem with NHRP and NAT but I'm not sure. Has anyone else attempted this? Thanks in advance for your help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cleidh_mor Tue, 11/24/2009 - 15:44

Hi James,

It sounds to me as if the address that is being used as the source of the tunnel at the spoke end might be getting NAT'd and is therefore not reachable.  What output do you get from deb ip nhrp and deb tunnel on the hub?  Also, if you could post your configs, that would help

I assume there's not another device before the core that could be doing the NAT as well, rather than doing it on the hub router? 



This Discussion