RE: OSPF and NAT (CCBootCamp Lab 17)

From: Daniel M. Dawson (dandawson@xxxxxxxxxx)
Date: Fri Apr 20 2001 - 15:31:02 GMT-3

• Next message: Alan Basinger: "RE: Blank e-mails"
• Previous message: Adam Cratty: "Introduction"
• Maybe in reply to: Daniel M. Dawson: "OSPF and NAT (CCBootCamp Lab 17)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
That did the trick Erick, Thanks. New configs below.

ip nat inside source list 102 interface Serial0/1 overload
!
access-list 102 deny ospf any any
access-list 102 permit ip any any
!

Daniel M. Dawson
E-mail: dandawson@lucent.com

-----Original Message-----
From: Erick B. [mailto:erickbe@yahoo.com]
Sent: Friday, April 20, 2001 12:40 PM
To: Daniel M. Dawson; ccielab@groupstudy.com
Cc: Allyn Baskerville (E-mail); Joe Halcli (E-mail 2)
Subject: Re: OSPF and NAT (CCBootCamp Lab 17)

Check 'show ip nat trans' and I bet you'll see the
OSPF mcast packets getting translated. Then deny ospf
in the ACL for your NAT traffic which should resolve
the issue.

--- "Daniel M. Dawson" <dandawson@lucent.com> wrote:
> Working on Lab 17 can't find my problem.
>
> Two routers R1 and R2 connect via serial (hdlc). R1
> has NAT going on the
> interface going toward router R2 (see configs
> below). R2/R1 neighbor
> relationship get's stuck in INIT state as long as IP
> NAT OUTSIDE is on R1's
> interface to R2. Take the IP NAT OUTSIDE out of
> R1's config and the OSPF
> adjacency comes up immediately. Debug on R1 shows
> it see's hellos coming
> from R2. Debug from R2 shows no hellos coming from
> R1. Configs look
> similar to answers from CCBootCamp and can't find
> anything in the archives.
> Just about decided it is a bug but thought I'd see
> if anyone else has run
> into problems with OSPF adjacencies and NAT.
> Running 11.3(10)T on R2 and
> 12.0(7)T on R1.
>
> Thanks
>
> Dan
>
> R1:
> interface Loopback0
> ip address 15.15.1.1 255.255.255.0
> !
> interface Serial0/1
> ip address 200.200.200.1 255.255.255.0
> no ip directed-broadcast
> !
> router ospf 1
> network 10.1.11.1 0.0.0.0 area 0
> network 15.15.1.1 0.0.0.0 area 0
> network 200.200.200.0 0.0.0.255 area 20
> !
> ip nat inside source list 2 interface Serial0/1
> overload
> !
> access-list 2 permit any
>
> R2:
> interface Loopback0
> ip address 15.15.2.2 255.255.255.0
> !
> interface Serial0/1
> ip address 200.200.200.2 255.255.255.0
> service-module t1 clock source internal
> !
> router ospf 1
> network 15.15.2.2 0.0.0.0 area 20
> network 200.200.200.2 0.0.0.0 area 20
> distribute-list 1 in Serial0/1
> !
> ip classless
> !
> access-list 1 deny any
>
>
>
>
>
>
>
>
> Daniel M. Dawson
> E-mail: dandawson@lucent.com
> **Please
> read:http://www.groupstudy.com/list/posting.html
>

• Next message: Alan Basinger: "RE: Blank e-mails"
• Previous message: Adam Cratty: "Introduction"
• Maybe in reply to: Daniel M. Dawson: "OSPF and NAT (CCBootCamp Lab 17)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:53 GMT-3