cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
634
Views
0
Helpful
9
Replies

BRI config with Nat(overload)

rameshpillai
Level 1
Level 1

Hi

M working on a Cisco 1603R router which i One ether and one bri port...

i want to config a bri as the backup interface to serial interface.

MY problem i m using nat with overload on my serial intface

ip nat inside source list 101 interface Serial0 overload

and the corresponding access list is

access-list 101 permit ip any any (testing with all port open)

My problem is that my bri int goes up , gets connected everything works fine but no packets follows takes place.

it works when i replace above ip nat interface with bri0.

hows should i go about

regds

RamP

1 Accepted Solution

Accepted Solutions

ok, this makes it slightly more challenging :)

try this:

ip nat inside source route-map rtm-nat-ser0 interface serial 0 overload

ip nat inside source route-map rtm-nat-bri0 interface BRI 0 overload

!

route-map rtm-nat-ser0 permit 10

match interface Serial0

!

route-map rtm-nat-bri0 permit 10

match interface BRI 0

In theory this should work, but I haven't tried it myself. You may have to upgrade to an IOS that supports the "ip nat inside source route-map" command.

hth

Herbert

View solution in original post

9 Replies 9

Hello Ram,

can you post your config ?

Regards,

Georg

HERE IS THE CONFIG

--------------------------------------------

version 12.0

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

isdn switch-type basic-ni

!

!

!

interface Ethernet0

ip address 192.168.1.1 255.255.255.0 secondary

ip address Y.Y.Y.Y m.m.m.m

no ip directed-broadcast

ip nat inside

!

interface Serial0

backup delay 30 60

backup interface BRI0

ip address X.X.X.X m.m.m.m

no ip directed-broadcast

ip nat outside

custom-queue-list 1

!

interface BRI0

ip address negotiated

no ip directed-broadcast

ip nat outside

encapsulation ppp

dialer idle-timeout 300

dialer string 28529200

dialer hold-queue 10

dialer-group 1

isdn switch-type basic-net3

ppp authentication pap callin

ppp pap sent-username infisdn@bom4.vsnl.net.in password 7 141

075

!

ip nat inside source list 101 interface Serial0 overload

ip nat inside source static 192.168.201.8 Z.Z.Z.Z

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0

ip route 0.0.0.0 0.0.0.0 BRI0 100

ip route 192.168.201.0 255.255.255.0 192.168.1.5

!

access-list 101 permit ip any any

dialer-list 1 protocol ip list 101

!

end

---------------------------------------------------

hbaerten
Level 4
Level 4

Hi RamP,

I think the easiest way to achieve this is to create a loopback interface and assign it an address that you can use for NAT, so:

interface Loopback0

ip address x.x.x.x m.m.m.m

ip nat inside source list 101 interface Loopback0 overload

Of course the other end will have to route this address to you.

If address space is a problem perhaps you can use the address of your serial on your loopback, and configure both the serial and the bri as "ip unnumbered loopback0".

hth

Herbert

only glitch i c is, my serial has static ip where bri0 is given a ip address dyanamically so i have set ip address nego on my bri0

in this situation how do i go abot. I have post my config too. go through and tell me

regds

RamP

ok, this makes it slightly more challenging :)

try this:

ip nat inside source route-map rtm-nat-ser0 interface serial 0 overload

ip nat inside source route-map rtm-nat-bri0 interface BRI 0 overload

!

route-map rtm-nat-ser0 permit 10

match interface Serial0

!

route-map rtm-nat-bri0 permit 10

match interface BRI 0

In theory this should work, but I haven't tried it myself. You may have to upgrade to an IOS that supports the "ip nat inside source route-map" command.

hth

Herbert

if m not wrong is this route-map related to BGP. if yes than i dont i BGP enabled...

Y not suggest a alltogether a new config. M open to it...

regds

RamP

Can i nat pool or dialer profile in some way ????

nat pool i much keen about

regds

RamP

No, route-maps are used for many different things, so this has nothing to do with BGP, and you do not need to enable BGP for this to work.

It is just a different way of specifying which addresses need to be translated.

Yoo Man it worked, thanks in lots and tonnes

regds

RamP

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco