Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started.

New Member

ASR 1K PAT in VRF

Hello,

I'm struggling to interpret from the manuals whether this is supported on 3.3S:

interface GigabitEthernet0/0/0

ip vrf forwarding VPNA

ip address 10.8.24.2 255.255.254.0

no ip proxy-arp

ip nat inside

interface GigabitEthernet0/0/2

ip vrf forwarding VPNA

ip address <outside ip> 255.255.255.0

no ip proxy-arp

ip nat outside

ip nat inside source list TEST interface GigabitEthernet0/0/2 vrf VPNA overload

ip access-list extended TEST

permit ip 10.8.24.0 0.0.1.255 any

3.5S releases a feature for intra-VPN NAT called "match-in-vrf"; however, this doesn't support PAT.  The configuration guide doesn't mention much of VRF-aware NAT.

Issue I'm having is that ICMP traffic is NAT'd succesfully and logged; however, the router doesn't appear to do anything with UDP or TCP traffic.

Cheers,

Mike

  • WAN Routing and Switching
368
Views
0
Helpful
0
Replies