Hello,

I am having trouble configuring nat on an ASR1k and using secondary addresses on my outside interface.

interface GigabitEthernet0/0/0

description Outside Interface

ip address 222.222.159.14 255.255.255.128 secondary

ip address 222.222.159.1 255.255.255.128 secondary

ip address 222.222.159.2 255.255.255.128 secondary

ip address 222.222.159.3 255.255.255.128 secondary

ip address 222.222.159.4 255.255.255.128 secondary

ip address 222.222.159.5 255.255.255.128 secondary

ip address 222.222.159.6 255.255.255.128 secondary

ip address 222.222.159.67 255.255.255.224 secondary

ip address 222.222.150.166 255.255.255.252

ip nat outside

speed 100

no negotiation auto

cdp enable

ip virtual-reassembly

!

!

interface GigabitEthernet0/0/1

description Inside Interface

ip address 10.110.1.1 255.255.255.0

no ip proxy-arp

ip nat inside

negotiation auto

cdp enable

ip virtual-reassembly

!

!

ip nat pool pool-159.1 222.222.159.1 222.222.159.1 netmask 255.255.255.128

ip nat pool pool-159.2 222.222.159.2 222.222.159.2 netmask 255.255.255.128

ip nat pool pool-159.14 222.222.159.14 222.222.159.14 netmask 255.255.255.128

ip nat pool pool-159.3 222.222.159.3 222.222.159.6 netmask 255.255.255.128

ip nat inside source list ip-nat-159.1 pool pool-159.1 overload

ip nat inside source list ip-nat-159.14 pool pool-159.14 overload

ip nat inside source list ip-nat-159.2 pool pool-159.2 overload

ip nat inside source list ip-nat-159.3 pool pool-159.3 overload

This blog states my exact problem.:

http://ccieplayground.wordpress.com/2010/03/30/asr1k-nat-really-does-not-like-secondary-addresses/

Are there any options that could make this work?  Something so simple that has worked on IOS devices for years now doesn't work?  Do I need to create vrf's with in the router?  Or perhaps make sub interfaces, but how do you apply same subnet addresses to multiple sub interfaces...?

Dan.