Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

OSPF and NAT Problems

I am doing a lab with two 2600 routers with OSPF and NAT. For some reason, the "remote" router for some reason isn't seeing my NAT's block of IP addresses. Can anyone look at my config below and tell what could be wrong?

hostname ACME

!

!

!

!

!

ip ssh version 1

!

!

interface FastEthernet0/0

ip address 10.0.0.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Serial0/0

ip address 200.0.0.6 255.255.255.252

!

interface Serial0/1

no ip address

shutdown

!

interface Serial0/2

no ip address

shutdown

!

interface Serial0/3

no ip address

shutdown

!

interface FastEthernet1/0

no ip address

duplex auto

speed auto

shutdown

!

interface FastEthernet1/1

no ip address

duplex auto

speed auto

shutdown

!

router ospf 1

log-adjacency-changes

network 200.0.0.4 0.0.0.3 area 0

network 64.64.64.0 0.0.0.255 area 0

!

ip nat pool acme_access 64.64.64.1 64.64.64.254 netmask 255.255.255.0

ip nat inside source list 1 pool acme_access

ip classless

!

!

access-list 1 permit 10.0.0.0 0.0.0.255

!

!

!

line con 0

line vty 0 4

login

!

!

end

BTW... OSPF works with just using the private addresses, but as soon as I try to introduce NAT...>poof<... no connectivity.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Blue

Re: OSPF and NAT Problems

The network command under OSPF configuration does not tell OSPF to advertise that network. It tells OSPF to run OSPF on any interface that falls under the 64.64.64.0/24 ip range.

You will need an interface from that range. You can use a loopback address for this

int loopback 10

ip address 64.64.64.1 255.255.255.0

ip ospf network point-to-point

Note that you need the "ip ospf network point-to-point" line otherwise OSPF will advertise a host route for the loopback.

Jon

Hall of Fame Super Blue

Re: OSPF and NAT Problems

Glad you got it working.

The network statement does the same thing under EIGRP/RIP as it does under OSPF. So yes you would need to create an interface but you don't need an equivalent to the ""ip ospf network point-to-point" as it is a specific thing to OSPF that loopbacks get advertised as host routes by default.

Jon

7 REPLIES
Hall of Fame Super Blue

Re: OSPF and NAT Problems

The network command under OSPF configuration does not tell OSPF to advertise that network. It tells OSPF to run OSPF on any interface that falls under the 64.64.64.0/24 ip range.

You will need an interface from that range. You can use a loopback address for this

int loopback 10

ip address 64.64.64.1 255.255.255.0

ip ospf network point-to-point

Note that you need the "ip ospf network point-to-point" line otherwise OSPF will advertise a host route for the loopback.

Jon

New Member

Re: OSPF and NAT Problems

I have actually updated the config:

hostname ACME

!

!

!

!

!

ip ssh version 1

!

!

interface FastEthernet0/0

ip address 10.0.0.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Serial0/0

ip address 200.0.0.6 255.255.255.252

ip nat outside

!

interface Serial0/1

no ip address

shutdown

!

interface Serial0/2

no ip address

shutdown

!

interface Serial0/3

no ip address

shutdown

!

interface FastEthernet1/0

no ip address

duplex auto

speed auto

shutdown

!

interface FastEthernet1/1

no ip address

duplex auto

speed auto

shutdown

!

router ospf 1

log-adjacency-changes

network 200.0.0.4 0.0.0.3 area 0

network 64.64.64.0 0.0.0.255 area 0

!

ip nat pool acme_access 64.64.64.1 64.64.64.254 netmask 255.255.255.0

ip nat inside source list 1 pool acme_access

ip classless

!

!

access-list 1 permit 10.0.0.0 0.0.0.255

!

!

!

line con 0

line vty 0 4

login

!

!

end

Jon... thanks for responding! I will try out your config change when I get access on the routers again... which hopefull will be tonight

Hall of Fame Super Blue

Re: OSPF and NAT Problems

Not sure what you mean here ?

New Member

Re: OSPF and NAT Problems

I realized that on the first config I posted, I did not have ip nat inside and ip nat outside on the appropriate interfaces, so I added that to the second config I posted.... just in case somebody tried to point that out to me.

I can't wait to try out your solution though. Thanks, again!

Hall of Fame Super Blue

Re: OSPF and NAT Problems

Oh okay, no problem. Let me know how you get on.

Jon

New Member

Re: OSPF and NAT Problems

It worked!!

Thanks A LOT Jon!

It even worked with me running VLANs. Cool.

One more thing though... what if the protocol I used was EIGRP or RIP? Would I still have to have a loopback address and if so, is there an equivalent EIGRP / RIP command for "ip ospf network point-to-point"...as in a command that does the same thing for those protocols?

Hall of Fame Super Blue

Re: OSPF and NAT Problems

Glad you got it working.

The network statement does the same thing under EIGRP/RIP as it does under OSPF. So yes you would need to create an interface but you don't need an equivalent to the ""ip ospf network point-to-point" as it is a specific thing to OSPF that loopbacks get advertised as host routes by default.

Jon

954
Views
0
Helpful
7
Replies