Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Trying to NAT in a Mobile Node through a mobile tunnel

Customer has a requirement to send data to a serial port on a 3200 Mobile Access Router using SLIP on the serial interface. Since the mobile network is the only one visible from the HA, I'm trying to NAT from the mobile network to another subnet hanging off the serial port. I seem to be having problems with routing because I can't get the NAT to work even though the default route in the MAR is the Tunnel0 interface. Is there something different that needs to be done to work with the mobile ip tunnel?

7 REPLIES
Silver

Re: Trying to NAT in a Mobile Node through a mobile tunnel

Go through this Troubleshooting the Cisco 3200 Series Mobile Access Router

http://www.cisco.com/en/US/products/hw/routers/ps272/products_configuration_guide_chapter09186a008022b30c.html

New Member

Re: Trying to NAT in a Mobile Node through a mobile tunnel

Thanks for the link but the Troubleshooting guide does not cover what I'm trying to do. I have the tunnel setup and working with no problem. I'm trying to NAT an address from the serial port to an address in the mobile network in the MAR so a server at the other end of the mobile tunnel can get to the device connected to the serial interface on the MAR. NAT appears to not work because of the lack of a route. The route it needs to use is through Tunnel0 which is also the default route. If I add a static route that points to a VLAN interface in the MAR, the translation occurs but of course the real interface doesn't go anywhere. I need it to use the Tunnel0 interface so I need to know what it would take for NAT to recognize Tunnel0 as a valid interface.

Hall of Fame Super Gold

Re: Trying to NAT in a Mobile Node through a mobile tunnel

Do you have "ip nat inside" under tunnel0 ?

Please explain the topology again as I might be missing something of that, what is the reason for nat in first place.

New Member

Re: Trying to NAT in a Mobile Node through a mobile tunnel

Topology is a Mobile Access Router (MAR) on a vehicle with a mobile tunnel (Tunnel0) which goes back to the data center via the Home Agent (HA). A server in the data center needs to send ip packets to a device that is connected to the Serial interface on the MAR. Since the Serial interface is a routed interface and the only network the HA knows how to get to is the subnet of the mobile router, the server needs to send to an IP address within the MARs mobile subnet. So to get to another subnet connected to the MAR, I need to translate a MAR subnet address to another subnets address that is connected to the serial port.

Serial port is 'ip nat outside'

Vlan 10 (which is the MAR subnet) is 'ip nat inside'.

The default route when the mobile tunnel is built is 'Tunnel0'. Tunnel0 is dynamic and is not statically defined. See below:

interface Serial1/0

ip address 10.210.0.254 255.255.0.0

ip nat outside

!

.

!

interface Vlan10

ip address 10.240.0.1 255.255.255.192

ip nat inside

ip virtual-reassembly

!

.

ip nat outside source static 10.210.100.15 10.240.0.12

.

.

0002-MAR#sho ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

172.27.0.0/16 is variably subnetted, 3 subnets, 3 masks

M 172.27.255.253/32 [3/1] via 10.240.0.250, 00:42:26, FastEthernet0/0

C 172.27.0.0/18 is directly connected, Vlan23

C 172.27.64.0/19 is directly connected, Vlan22

10.0.0.0/8 is variably subnetted, 5 subnets, 4 masks

M 10.240.0.250/32 [3/1] via 10.240.0.250, 00:42:26, FastEthernet0/0

C 10.240.0.248/30 is directly connected, FastEthernet0/0

C 10.210.0.0/16 is directly connected, Serial1/0

C 10.255.255.254/32 is directly connected, Loopback0

C 10.240.0.0/26 is directly connected, Vlan10

M* 0.0.0.0/0 is directly connected, Tunnel0

0002-MAR#sho ip nat trans

Pro Inside global Inside local Outside local Outside global

--- --- --- 10.240.0.12 10.210.100.15

0002-MAR#

Hope that helps. Thanks for your patience

Hall of Fame Super Gold

Re: Trying to NAT in a Mobile Node through a mobile tunnel

Hi, you don't really to do nat just to route one address for the device.

Just borrow an unused address from the subnet assigned to the MAR, assign it to the device, on the router configure a so-called host route:

ip route 10.240.0.2 255.255.255.255 serial 1/0

Good luck!

New Member

Re: Trying to NAT in a Mobile Node through a mobile tunnel

I was not able to get it to work. Does the serial interface need an address? What would I put on the device for a default gateway? I don't see how it would work if the serial interface is a routed interface.

Hall of Fame Super Gold

Re: Trying to NAT in a Mobile Node through a mobile tunnel

Serial interface can either have a subnet of his own or unnumbered to any other interface in MAR, whateve is preferred by device.

Device must have default gateway going into serial one way or another. Once you can ping from any interface in MAR, to the device by virtue of said host-route, you should be set.

147
Views
0
Helpful
7
Replies
CreatePlease login to create content