NAT on 7600

Unanswered Question
Jan 31st, 2010
User Badges:

Hi, I have a couple of questions to do with NAT on 7600 and VRF NAT on 7600.


Is it supported on 7600 series and if yes, what Route Processor and what IOS Version?

Is it Software Based? Is there a hardware accelaration (like a SPA Card) someone could use?


I've seen some network books and almost all of them use 7200 series. One of them is suggesting to use PIX Blade as an alternative for high capacity NAT performance, but I assume that is too old?.


Regards.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Reza Sharifi Sun, 01/31/2010 - 16:42
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Hello pavlosd,


NAT per VRF is not supported on the Catalyst 6500 series switches and the Cisco 7600 series routers


You can use FWSM to do NAT per VRF, but this is a new feature in ver 3.2(1) and the FWSM has to operate in transparent mode not routed mode.


From the FWSM config guide:


Introducing NAT support for transparent firewalls addresses the NAT per VRF requirement while offering the capability to run routing protocols through the firewall with a simple configuration.


Here is the config guide for FWSM:


http://www.ciscosystems.com/en/US/docs/security/asdm/6_1f/user/guide/intro_platform.html#wp1061017


HTH

Reza

Giuseppe Larosa Tue, 02/02/2010 - 08:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Reza,

FWSM 3.2.1 is not so new, the real issue is the original poster should get a FWSM if they haven't  one already installed in the C7600 chassis


Hope to help

Giuseppe

pavlosd Tue, 02/02/2010 - 21:23
User Badges:

Investing in a FWSM currently, is not something we would like to do, since the roadmap is not so clear for the specific product or for the compatibility of it with new IOS and features / Cards. I would prefer having a separate ASA box next to the 7600 instead.


I was more looking into a newer version card for NAT, similar to the one that is available for the CRS (not in that scale though :-)....

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6553/white_paper_c11-558744-00_ns1017_Networking_Solutions_White_Paper.html

Actions

This Discussion