Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Route-map for dynamic nat not working

I have one router with multiple ethernet interfaces connected to two different ISPs. I'm using route-map for PBR and for dynamic NAT. IOS version I'm using is 12.4 advanced enterprise. Internet redundancy is not working. PBR makes the switching of ISP, but dinamic nat with the second ISP is not working. See the attachment.

3 REPLIES
Purple

Re: Route-map for dynamic nat not working

Is there any chance you can run 'debug ip policy' and 'debug ip nat' when the primary link is down to see what is happening ?

Paresh

New Member

Re: Route-map for dynamic nat not working

Paresh,

No chance for debug ip policy; I've tried debug ip nat 97 where 97 is and acl which selects one of the pc-s in inside lan, but I haven't seen any log when i change the PBR for this pc to have as a primary next hop the second ISP, by changing the metric. I know that PBR is working as it needs to work, because, if I put a static nat with an IP of second provider everything is ok. So I'm sure is smth wrong with route-map for NAT. When I use the command for show route-map, the route-map for NAT does not show any matching packets.

Leonard

New Member

Re: Route-map for dynamic nat not working

Hi,

I think you should take a look at the route-maps for the NAT. I think by default route-map is match all. so both conditionals must be met before route-map will be active. but the conditions you have cannot be met.

access-list can be met but the interface is not the source of the packet so route-map will not match it.

the source of the packet is FastEthernet0/1 not any of the other interfaces u have specified.

try removing the interface speficication altogether or put FastEthernet0/1 instead of the ethernet interfaces.

route-map Pron-NAT-map permit 10

match ip address 101

match interface FastEthernet0/1

!

route-map Albt-NAT-map permit 10

match ip address 101

match interface FastEthernet0/1

pls acknowledge if this helps

170
Views
0
Helpful
3
Replies
CreatePlease login to create content