Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dynamic Natting Issue

Hi All, I have an issue with dynamic natting. I am using cisco 3725 router on which I hv one vsat & two isdn link for internet. I got the public IPs from VSAT provider but they hav not provided public IP for serial link so I have created private ip network in between PIX & router & did the natting on cisco router for VSAT with IP nat inside source list 1 int fa0/1(vsat link terminating on interface) overload command now when vsat goes down internet thru isdn does not work as there is no natting as such on router for isdn link. so I created another acess-list 2 for natting on isdn interface....with ip nat inside source list 2 interface dialer1 overload command....but still internet is not working..can you tell me how can I run internet from both interface when either link goes down...internet shud work. dont want load balancing...i want backup fallback..

NK

4 REPLIES
Purple

Re: Dynamic Natting Issue

Hi,

Do something like the following:

ip route 0.0.0.0 0.0.0.0 serial0

ip route 0.0.0.0 0.0.0.0 dialer1 250

!

ip nat inside source route-map ISP1-map interface serial0 overload

ip nat inside source route-map ISP2-map interface dialer0 overload

!

route-map ISP11-map permit 10

match ip address 1

match interface serial0

!

route-map ISP12-map permit 10

match ip address 1

match interface dialer1

Hope that helps - pls rate the post if it does.

Paresh

New Member

Re: Dynamic Natting Issue

Hi,Thanks for replying...can you tell me have u ever tried this as I dont think it will work...right now I am using below mentioned commands

ip nat inside source list 1 interface fa0/1 overload (this is for vsat)

access-list 1 permit 172.x.x.x

access-list 1 permit any

IP nat inside source list 2 interface dialer1 overload

access-list 2 permit any

but once i put dialer1 overload command my running internet stop working on vsat...once I remove this command it starts working...so I put the route amp for isdn as below

route-map ISDN permit 10

match interface dialer1

ip nat inside source route-map ISDN interface dialer1

i this case my internet which is working on vsat does not stop but when vsat goes down internet on ISDN dowsnot work....

so please let me know if I user route map for both would it work?? or u r not sure ???

Please as it is very critical situation I have to have resolve it.

thanks

NK

Purple

Re: Dynamic Natting Issue

Hi,

I have used this setup before, with 2 route-maps and it works very well. I suggest you use two route-maps and re-try it, since what you have got currently results in overlapping ACLs for the two 'ip nat inside source list' commands...

Cisco recommends that you don't use the 'permit any' match in ACLs used with NAT so I suggest that you make the ACL more specific.

Paresh

New Member

Re: Dynamic Natting Issue

Hi, thanks paresh...let me try it.

100
Views
0
Helpful
4
Replies