NAT problem

comechivos · ‎01-05-2006

Hello, I was wondering if you can help me with my NAT config, because I have 2 T1's in each serial interface, BUT only one of the serial interfaces is working properly. here is my running config

thank you so much

I'LL be waiting your answer... Thanks!

mheusinger · ‎01-05-2006

Hi,

what do you call "working properly"? What do you like to achieve, what is happening and what would you like to have different?

You should be more specific to get help.

Regards

Martin

ankurbhasin · ‎01-05-2006

Hi Friend,

Your config has 2 default routes with eual admin distance so there will be load balancing between 2 serial interfaces that too per packet but your NAT pool will assign ip one by one starting from 141.211.209.114 then 141.211.209.115 then 141.211.209.116 and so on.

Now when your packet goes out from first serial interface because of first default route it will work fine but when it will go out via second serial interface because of second default route there will be a problem.

I think you have to implement policy base routing with NAT statement to classify traffic and let NAT only happen on that classified traffic.

I think you need not require default route here and let policy decide your exit interface and you can classify your traffic in access list and define that list number in policy.

I think your config should look something like this ummm you may need to fine tune it as per your network

ip nat inside source route-map NAT-Serial1 interface Serial1 overload

ip nat inside source route-map NAT-Serial2 interface Serial2 overload

route-map NAT-Serial1 permit 10

match ip address

set interface Serial1

!

route-map NAT-Serial2 permit 20

match ip address

set interface Serial2

!

HTH

Ankur

unicmd · ‎01-07-2006

cant see whats wrong with your config, could work just fine but you have to bee sure that they at nexthop also runs per-packet and routes routes your ipadresses at both links, not just the first link.

Martin

Denmark