Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACE; Dynamic SNAT in bridge mode without Dnat (VIP) needed

Hi,

We are interested about the ACE NAT performance. We would like to use this module just for the SNAT feature and only in bridge mode (to facilitate the ACE integration in the current network).

the configuration could be similar to this one:

--

class-map PrivateSource

match source-address 10.0.0.0 255.0.0.0

policy-map multimatch SourceNat

class PrivateSource

nat dynamic 1 vlan X

interface vlan X (incoming traffic from the source)

bridge-group 1

service-policy in SourceNat

nat-pool 1 publicIP netmask A.B.C.D pat

interface vlan Y

bridge-group 1

--

Could anyone confirm if this feature is supported on the ACE and if the above configuration could be a good one?

--

Many thanks for your help.

Regards/Ludovic.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ACE; Dynamic SNAT in bridge mode without Dnat (VIP) needed

Ludovic,

ACE does not NAT bridged traffic.

You could catch it with a catch-all-destination class-map

ie:

class-map all

match virtual 0.0.0.0 0.0.0.0 any

And use a transparent serverfarm sending all traffic to a unique default gateway.

That would work.

Gilles.

2 REPLIES
Cisco Employee

Re: ACE; Dynamic SNAT in bridge mode without Dnat (VIP) needed

Ludovic,

ACE does not NAT bridged traffic.

You could catch it with a catch-all-destination class-map

ie:

class-map all

match virtual 0.0.0.0 0.0.0.0 any

And use a transparent serverfarm sending all traffic to a unique default gateway.

That would work.

Gilles.

New Member

Re: ACE; Dynamic SNAT in bridge mode without Dnat (VIP) needed

Many thnaks Gilles, We will do as you suggested.

Regards/ludovic.

448
Views
0
Helpful
2
Replies