Re: Simple NAT Issue

From: Pavel Bykov (slidersv@gmail.com)
Date: Wed Feb 04 2009 - 04:22:03 ARST

• Next message: Pavel Bykov: "Re: Sample Questions"
• Previous message: joe_astorino@comcast.net: "Simple NAT Issue"
• Maybe in reply to: joe_astorino@comcast.net: "Simple NAT Issue"
• Next in thread: Pavel Bykov: "Re: Simple NAT Issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

One of the solutions how to accomplish your goal is to use PBR and local
policy.
e.g.:

route-map NAT
set interface lo55
!
ip local policy route-map NAT

On Wed, Feb 4, 2009 at 6:32 AM, <joe_astorino@comcast.net> wrote:

> I am having a problem regarding NAT and was hoping somebody could help me
> understand this. I have a router, R5 that I wish to do NAT translation so
> that anything sourced from its Loopback55 address will be translated to its
> Loopback1 interface. This way I can meet a requirement that I should be able
> to source a ping from Loopback55 and have it reply successfully without
> adding Loopback55 to any routing protocol.
>
> If I set this up the way I have below, and try a ping sourced from Lo55 it
> does not work...no translation occurs. I thought I remember hearing
> something at one point that the router doing the NAT translation won't NAT
> packets sourced from itself, only packets that pass through it, but I am not
> sure on that. Any ideas guys?
>
> Just to be sure, I have checked that I do have reachability to the address
> I am trying to ping when sourced from lo1.
>
> R5(config)#do sh ip int brie | i Loop
> Loopback1 99.99.99.5 YES manual up up
> Loopback55 55.55.55.55 YES manual up up
>
> R5(config)#do sh access-list 55
> Standard IP access list 55
> 10 permit 55.55.55.55
>
> R5(config)#do sh run int e0/0 | i ip nat
> ip nat outside
>
> R5(config)#do sh run int s2/0 | i ip nat
> ip nat outside
>
> R5(config)#do sh run int s2/0.56| i ip nat
> ip nat outside
>
> R5(config)#do sh run int s2/1 | i ip nat
> ip nat outside
>
> R5(config)#do sh run int lo1 | i nat
> ip nat outside
>
> R5(config)#do sh run int lo55 | i nat
> ip nat inside
>
> ip nat inside source list 55 interface lo1 overload
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Pavel Bykov
----------------
Don't forget to help stopping the braindumps, use of which reduces value of
your certifications. Sign the petition at http://www.stopbraindumps.com/
Blogs and organic groups at http://www.ccie.net

• Next message: Pavel Bykov: "Re: Sample Questions"
• Previous message: joe_astorino@comcast.net: "Simple NAT Issue"
• Maybe in reply to: joe_astorino@comcast.net: "Simple NAT Issue"
• Next in thread: Pavel Bykov: "Re: Simple NAT Issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST