08-17-2010 03:34 AM - edited 03-04-2019 09:27 AM
Greetings, i am going to be deploying a new site with two internet connections terminated on two ISR routers. Each one will be running HSRP and ill be using IP SLA object tracking to determine the active member and default route.
I would also like to try and achieve a more stateful configuration, as such i am considering using the SNAT feature within the HSRP group however i would like to just use PAT and overload all outbound connections onto the interface IP address rather than creating NAT pools which from the examples i have seen is how this is configured.
Has anyone deployed this just using PAT or do you have to use NAT pools w/ PAT?
Regards
Solved! Go to Solution.
08-17-2010 03:56 AM
Hello Mark,
I'm afraid that using a pool may be required by the SNAT solution as the idea is that the backup router if takes over has to be able to route traffic for current NAT sessions, if you would use the WAN interface of router1 as public IP address, when R1 fails (or just its WAN link fails) packets cannot be sent back and so it cannot be translated by the backup router.
So SNAT feature requires to get a small public pool from ISP or it would not be effective.
see figure 1 in
Hope to help
Giuseppe
08-17-2010 03:56 AM
Hello Mark,
I'm afraid that using a pool may be required by the SNAT solution as the idea is that the backup router if takes over has to be able to route traffic for current NAT sessions, if you would use the WAN interface of router1 as public IP address, when R1 fails (or just its WAN link fails) packets cannot be sent back and so it cannot be translated by the backup router.
So SNAT feature requires to get a small public pool from ISP or it would not be effective.
see figure 1 in
Hope to help
Giuseppe
08-18-2010 08:35 AM
Thank you for the reply Giuseppe, the explanation makes perfect sense
Regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: