Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need help with NAT VRF Aware

Hi. I am having some problems with VRF aware NAT. I have followed the Cisco documentation, but i'm still having problems with dynamic nat.

The scenerio is i have a VRF called CUST1 which i can NAT if i use static vrf NAT, but not dynamic. The configuration is as follows

ip nat pool CUSTA_POOL 192.168.10.17 192.168.10.17 netmask 255.255.255.0

ip nat source list CUSTA_NAT pool CUSTA_POOL vrf CUSTA overload

!

ip route vrf CUSTA 0.0.0.0 0.0.0.0 FastEthernet0/0 217.20.23.17

!

ip access-list standard CUSTA_NAT

permit 172.16.0.0 0.0.255.255 log

!

!

interface FastEthernet0/0

description "OUTSIDE INT"

ip vrf forwarding SHARED_INT

ip address 192.168.10.1 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex full

!

!

interface Ethernet2/0.1

encapsulation dot1Q 10

ip vrf forwarding CUSTA

ip address 172.16.1.10 255.255.255.252

ip nat inside

ip virtual-reassembly

!

When using the configuration as above i can see that NAT does not take place as i can see the real address (172.16.1.9) on the next hop. If i use a static NAT statement like...

ip nat inside source static 172.16.1.9 192.168.10.17 vrf CUSTA

It will succesfully NAT. Any help with this would be much appreciated.

Thanks

Dan.

3 REPLIES
Cisco Employee

Re: Need help with NAT VRF Aware

Hi,

With the configuration above there were some restrictions depending on platform and IOS version - including VRF to VRF NAT, if I remember correctly.

Did you have a look at the NAT virtual interface at

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a008041d91a.html

This should be solving your issue. The document will give you an example for static as well as dynamic NAT. All you need to do, is to adjust names and addresses, I guess.

Hope this helps!

Regards, Martin

New Member

Re: Need help with NAT VRF Aware

This did not solve my issue. I do have the an IOS supporting all required features. Any other ideas?

Thanks

Dan.

Re: Need help with NAT VRF Aware

Hi Dan, you config in this post looks like for a NAT between a VRF and global interface, going by the "ip route".

Please do refer to which Cisco document you have been suing for the same.

If its a NAT between VRF and a Global interface, I have replied to it in the other thread. If its VRF to VRF then Martin has given the right link.

HTH-Cheers,

Swaroop

232
Views
0
Helpful
3
Replies
CreatePlease to create content