We have two routers: a Cisco 1721 and a Cisco 2620. Right now the 1721 is doing policy-based routing to route traffic from a certain IP address (220.127.116.11) out a different internet link. If I put the exact same config on the 2620 router, traffic to the second link does not flow. Network traces show the routing and NAT working but the next hop (18.104.22.168) does not return the traffic. I can see the ARP request from 22.214.171.124 but the 2620 does not answer. Below is the relevant config of the 2620.
ip address 126.96.36.199 255.255.255.240
ip nat inside
ip policy route-map Policy1
ip address 188.8.131.52 255.255.255.248
ip nat outside
ip nat inside source static 184.108.40.206 220.127.116.11
ip route 18.104.22.168 255.255.255.248 22.214.171.124
access-list 2 permit 126.96.36.199
route-map Policy1 permit 10
match ip address 2
set ip next-hop 188.8.131.52
About the only thing different other than the router model is that the 1721 only has one Fast Ethernet interface on it so it has a 4-port Fast Ethernet Switch WAN Interface Card installed in it.
Any ideas on why this isn't working would be greatly appreciated!
What's with the static route to 184.108.40.206/29? That's a directly connected network of interface fa0/1, so you don't need a static route.
If you do a sh ip ro 220.127.116.11, I'm sure the route will show as "directly connected" and your static route, with the higher AD of 1, won't be in the routing table anyway.
Also, 18.104.22.168 is ARPing for the 22.214.171.124 address (this is the new source address after the 126.96.36.199 address is NAT'ed) because it thinks the host is directly connected to its interface (same subnet), but it's not. This is why I believe the router is not replying to the ARP request for 188.8.131.52. It doesn't own the address, and doesn't have it in its ARP table.
Can you NAT to a different host address -- other than 184.108.40.206, perhaps even the 220.127.116.11 address?
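An added example (not part of the thread, and not either poster's code): a Python check for the two conditions the reply raises, a static route that duplicates a connected network and a static NAT global address that neighbours on the outside segment will ARP for. All addresses are constructed from documentation ranges, and the fa0/0 interface name and the helper names are assumptions.

```python
import ipaddress

# Constructed sample values (RFC 5737 documentation ranges), not the poster's addresses.
INTERFACES = {
    "fa0/0": ipaddress.ip_interface("192.0.2.1/28"),     # assumed inside interface
    "fa0/1": ipaddress.ip_interface("198.51.100.2/29"),  # outside interface
}
STATIC_ROUTES = [("198.51.100.0/29", "198.51.100.1")]    # (prefix, next hop)
STATIC_NAT = [("192.0.2.10", "198.51.100.3")]            # (inside local, inside global)


def redundant_static_routes(interfaces, routes):
    """Return static route prefixes that equal a connected network.

    A connected route has administrative distance 0 and a static route 1,
    so the static entry for the same prefix never enters the routing table.
    """
    connected = {iface.network for iface in interfaces.values()}
    return [prefix for prefix, _hop in routes
            if ipaddress.ip_network(prefix) in connected]


def arp_dependent_nat(interfaces, nat_entries):
    """Return (global address, interface) pairs that depend on ARP replies.

    A global address inside a connected subnet, but different from the
    interface's own address, is treated as on-link by neighbours, so return
    traffic only arrives if the router answers ARP for that address.
    """
    hits = []
    for _local, global_addr in nat_entries:
        addr = ipaddress.ip_address(global_addr)
        for name, iface in interfaces.items():
            if addr in iface.network and addr != iface.ip:
                hits.append((global_addr, name))
    return hits


if __name__ == "__main__":
    print("redundant static routes:", redundant_static_routes(INTERFACES, STATIC_ROUTES))
    print("NAT globals needing ARP:", arp_dependent_nat(INTERFACES, STATIC_NAT))
```
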