Cisco Support Community
New Member

NAT with loopback interface

Hi

I want to use NAT with a loopback interface because we have two gateways to the internet, and the router I want to implement NAT at is one of them. I have tried but with no success. There are three interfaces in the router.

I have used and route-maps but do not function.

4 REPLIES

Re: NAT with loopback interface

Hi Friend

Are the two gateways going to the same provider?

Which gateway's IP address did you configure for the loopback?

Normally one ISP would reject the IP block of other ISPs.

Can you share your relevant configs?

Narayan

New Member

Re: NAT with loopback interface

Thank you for your response.

It is the same provider. This is the reason I have to implement NAT at the loopback interface.

interface giga0/2.1
 ip address 192.168.140.1
 ip nat inside

interface loopback 1
 ip address real-ip
 ip nat outside

access-list 40 permit 192.168.140.0 0.0.0.255

ip nat inside source list 40 interface loopback 1 overload

or:

ip nat inside source list 40 pool poolnat overload
ip nat pool poolnat real-ip netmask...

With this config I have no ip nat translations.

Ilir

Gold

Re: NAT with loopback interface

You really don't have to assign the NAT address to an interface. Your second example should work fine, but see below.

NAT is done when traffic passes from inside/outside or outside/inside. What addresses are translated is based on your configuration and is not really related to what the real addresses on interfaces are.

Make sure both your ISP interfaces are set up as outside interfaces and it should work.

Now your provider must have routed this real address to you on both connections for this to work.

The reason you may want to put the address on a loopback, or better yet route it to null0, is that traffic coming from the outside destined for that address may not be in the NAT table at a certain time. When that occurs, the address is not translated and the router will send it back to the ISP because of the default route. The ISP, of course, will just send it back since it has a route in its routing table. You now have a loop until it hits the time-to-live limit. This is a routing problem caused by NAT but is not really a NAT issue. NAT will appear to work fine; you will just see this garbage traffic.
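The loop described in the reply above can be modelled in a few lines. This is an added example, not part of the original post: the address 203.0.113.9, port 40001 and the two-node topology are constructed, and the model assumes the router checks its NAT table before the route lookup for outside-to-inside traffic.

```python
import ipaddress

# Constructed sample data (documentation address range, not from the thread).
POOL_ADDR = "203.0.113.9"
ISP_ROUTES = {"203.0.113.9/32": "router"}            # ISP routes the NAT address to the customer
ROUTER_ROUTES = {"192.168.140.0/24": "inside", "0.0.0.0/0": "isp"}
ROUTER_ROUTES_NULL0 = {**ROUTER_ROUTES, "203.0.113.9/32": "null0"}

def lookup(table, dst):
    """Longest-prefix match: return the next hop of the most specific route."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in table.items()
               if dst in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

def forward(dst, dport, nat_table, router_routes, isp_routes=ISP_ROUTES, ttl=64):
    """Follow one inbound packet starting at the ISP; return (outcome, hops)."""
    node, hops = "isp", 0
    while ttl > 0:
        # Outside-to-inside: an active translation is applied before routing.
        if node == "router" and (dst, dport) in nat_table:
            return "translated", hops
        routes = router_routes if node == "router" else isp_routes
        nxt = lookup(routes, dst)
        if nxt in (None, "null0"):
            return "dropped", hops                   # discarded locally, no bounce
        node, hops, ttl = nxt, hops + 1, ttl - 1
    return "ttl-expired", hops                       # bounced until TTL ran out

if __name__ == "__main__":
    # No translation entry, only a default route: ping-pong between router and ISP.
    print(forward(POOL_ADDR, 40001, set(), ROUTER_ROUTES))
    # Same packet with the /32 pointed at null0: dropped on arrival.
    print(forward(POOL_ADDR, 40001, set(), ROUTER_ROUTES_NULL0))
    # Active translation: the null0 route does not interfere with NAT.
    print(forward(POOL_ADDR, 40001, {(POOL_ADDR, 40001)}, ROUTER_ROUTES_NULL0))
```

Unsolicited traffic to the pool address consumes one link crossing per TTL unit without the null0 route, which is why the garbage traffic shows up on the ISP links while translations keep working.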

Re: NAT with loopback interface

What is the IP configured on the interface connecting to the service provider?

Here is a sample config which should work:

ip nat pool link1 x.x.x.x x.x.x.x netmask 255.255.255.x
ip nat pool link2 y.y.y.y y.y.y.y netmask 255.255.255.x

ip nat inside source route-map link1 pool link1 overload
ip nat inside source route-map link2 pool link2 overload

access-list 1 permit
access-list 2 permit

route-map link1 permit 10
 match ip address 1
 match interface

route-map link2 permit 10
 match ip address 2
 match interface

ip route 0.0.0.0 0.0.0.0
ip route 0.0.0.0 0.0.0.0 10 <---higher administrative distance (backup link)

HTH, rate if it does

Narayan
