Re: NAT on a stick doesn't work

From: Tarun Pahuja (pahujat@gmail.com)
Date: Mon Feb 18 2008 - 10:38:17 ARST

• Next message: John: "Re: Frame-relay inverse-arp ..."
• Previous message: Tandou Mohamed: "Re: Service policy attachment is failing"
• Maybe in reply to: nhatphuc: "NAT on a stick doesn't work"
• Next in thread: Sadiq Yakasai: "Re: NAT on a stick doesn't work"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Phuc,
         Couple of corrections in your config. Try this link

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml

HTH,
Tarun

On 2/15/08, nhatphuc <nhatphuc@gmail.com> wrote:
>
> Hi Group,
>
> My scenario is the same as one in this link:
> http://www.groupstudy.com/archives/ccielab/200312/msg01239.html
>
> But it doesn't work. RouterNAT doesn't policy routing
>
> |--------G0/0--RouterNAT
> PC1----|
> |---------Gateway -----(Internet)
>
> interface Loopback0
> ip address 150.1.1.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
>
> interface GigabitEthernet0/0
> description TO LAN
> ip address 192.168.4.1 255.255.255.0 secondary
> ip address 192.168.3.6 255.255.255.0
> ip nat outside
> ip virtual-reassembly
> ip policy route-map PBR
> duplex auto
> speed auto
>
> route-map PBR permit 10
> match ip address NET4
> set interface Loopback0
> !
> route-map PBR deny 20
>
> ip access-list standard NET4
> permit 192.168.4.0 0.0.0.255
>
> ip nat pool GLOBAL 192.168.3.30 192.168.3.40 prefix-length 24
> ip nat inside source list NET4 pool GLOBAL overload
>
>
> Router#u all
> Feb 16 00:19:16 : IP: s=192.168.4.5 (GigabitEthernet0/0), d=192.168.3.20,
> len 60, FIB policy match
> Feb 16 00:19:16 : IP: s=192.168.4.5 (GigabitEthernet0/0), d=192.168.3.20,
> len 60, policy match
> Feb 16 00:19:16 : IP: route map PBR, item 10, permit
> Feb 16 00:19:16 : IP: s=192.168.4.5 (GigabitEthernet0/0),
> d=192.168.3.20(GigabitEthernet0/0), len 60, policy rejected -- normal
> forwarding
> Router#u all
> Feb 16 00:19:21 : IP: s=192.168.4.5 (GigabitEthernet0/0), d=192.168.3.20,
> len 60, FIB policy match
> Feb 16 00:19:21 : IP: s=192.168.4.5 (GigabitEthernet0/0), d=192.168.3.20,
> len 60, policy match
> Feb 16 00:19:21 : IP: route map PBR, item 10, permit
> Feb 16 00:19:21 : IP: s=192.168.4.5 (GigabitEthernet0/0),
> d=192.168.3.20(GigabitEthernet0/0), len 60, policy rejected -- normal
> forwarding
>
> Anyone has successfully configured this scenario? How do I make it work?
>
> Thanks
>
> Phuc
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: John: "Re: Frame-relay inverse-arp ..."
• Previous message: Tandou Mohamed: "Re: Service policy attachment is failing"
• Maybe in reply to: nhatphuc: "NAT on a stick doesn't work"
• Next in thread: Sadiq Yakasai: "Re: NAT on a stick doesn't work"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:49 ARST