Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static NAT policy (static NAT with ACL) with VRF

Hello,

I must connect two same network (192.168.1.0/24). These networks are behind a firewall and a Cisco router 2811. The Cisco router 2811 implement VRF.

I would like implement static NAT on the two devices to allow the bidirectionnal communication between the two 192.168.1.0/24 networks.

For this I use the NATed network 1.1.1.0/24 and 2.1.1.0/24.

On the firewall, I implemented a static rule policy nat, which translate the source address 192.168.1.0/24 in address 1.1.1.0/24 WHEN 192.168.1.0/24 PC try to communicate with the subnet 2.1.1.0/24

I would like perform the same with the subnet 2.1.1.0/24. However, I don't find how to perform a static NAT policy, on the VRF galere. I don't want use the global routing table.

Here the ASA rule, that I want to convert on the Cisco router, can you help me

Static (in,out) 2.1.1.0 access-list 100

Access-list 100 permit ip 192.168.10.0 0.0.0.255 1.1.1.0 0.0.0.255 ??

A screenshot of the architecture is in this post.

Thank you in advance for your help.

Regards

Cédric

3 REPLIES

Static NAT policy (static NAT with ACL) with VRF

See the bellow example where you can use ACL for policy nat

You replace the. Interface with nat pool you create

http://www.nil.si/ipcorner/EnterpriseMultiVRF/#chapter6

Hope this help

New Member

Static NAT policy (static NAT with ACL) with VRF

Thank you marwanshawi for this link !

Are you sure, the NAT pool allow to perform static NAT ? The communication could be bidirectionnal ?

I wish the PC with IP 192.168.1.10 in LAN A talk with the PC 192.168.1.10 in LAN B. When I use the destination 2.1.1.10.

The same with 192.168.168.1.11, 12, 13...

In the option of the NAT in the router I can use also use route-map.

I saw that proxy ARP must be implemented in this post

https://supportforums.cisco.com/thread/2005514

Thank you

Cédric

Static NAT policy (static NAT with ACL) with VRF

Its better to check what nat option with vrf your platform support and try it since you are aware about the logic

Network nat can be used or if you have only few hots to be translated you can use static translation per host

633
Views
0
Helpful
3
Replies
CreatePlease login to create content