Solved: Conditional PAT on Cisco router

ahmad82pkn · ‎07-04-2012

Hi, i was building a site to site VPN with client. and wanted to to conditional PAT on that but not successfull.

What i want to do is PAT source subnet 10.0.0.0/8 on to 8.224.44.1 for destination 172.16.1.1

in ACL Encryption domain i have

ip access-list Extended VPNLIST

permit ip host 8.224.44.1 host 172.16.1.1

on nat i am trying to do is.

ip nat inside source list NATACL pool PATIP overload

ip access-list NATACL

permit ip 10.0.0.0 0.255.255.255 host 172.16.1.1

ip access-list PATIP

permit 8.224.44.1

but its not working. any ideas, how can i accomplish conditional PAT?

cadet alain · ‎07-04-2012

Hi,

to create a pool you must do this:

ip nat pool PATIP 8.224.44.1 8.224.44.1 prefix-length 24

Regards.

Alain.

Don't forget to rate helpful posts.

View solution in original post

cadet alain · ‎07-04-2012

Hi,

to create a pool you must do this:

ip nat pool PATIP 8.224.44.1 8.224.44.1 prefix-length 24

Regards.

Alain.

Don't forget to rate helpful posts.

ahmad82pkn · ‎07-05-2012

Hi Alain,

i was able to fix my issue be creating a loop back, and then overloading on that.

and yes you are right i was creating Pool wrong, if i would have tried as you suggested that would have fixed the issue as well, so full marks to you.

one issue i still faced was one packet success one drop and then one success then one drop.

I had to disable i route caaching on my outgoing interface on which crypto was applied, might be IOS bug.

thank you , i am good to go