RE: Natting the traffic that comes through a tunnel from CCIE on 2009-05-03 (Ccielab archives 05/2009)

From: CCIE <ccie_at_axizo.com>
Date: Sun, 3 May 2009 20:47:20 +0300

Hello dear,
Here the configuration, the routing is configured correctly

RouterA
Int f0/0
Ip add 1.1.1.1 255.255.255.0
Ip nat outside

Int f0/1
Ip add 172.16.1.1 255.255.255.0
Ip nat inside

Int tu 0
Ip nat inside
Tunnel source 1.1.1.1
Tunnel destination 2.2.2.2
Ip add 10.10.10.1 255.255.255.252

Access-list 10 per 172.16.0.0 0.0.255.255
Ip nat inside source list 10 interface f0/0 overload

RouterB
Int f0/0
Ip add 2.2.2.2 255.255.255.0

Int f0/1
Ip add 172.16.2.1 255.255.255.0

Int tu 0
Tunnel source 2.2.2.2
Tunnel destination 1.1.1.1
Ip add 10.10.10.2 255.255.255.252

There a correct routing configure between RouterA and RouterB, each of them
can ping the tunnel ip of the other side
The host on the LAN of routerA can access the internet through the NAT, but
routerB LAN can't access the internet through routerA

Regards,
Amin

-----Original Message-----
From: Brad Ellis [mailto:brad_at_ccbootcamp.com]
Sent: Sunday, May 03, 2009 5:10 PM
To: CCIE; ccielab_at_groupstudy.com
Subject: RE: Natting the traffic that comes through a tunnel

Post your configs from both routers.

thanks,
Brad Ellis
CCIE#5796 (R&S / Security)
CCSI# 30482
CEO / President
CCBOOTCAMP - A Cisco Learning Partner (CLP)
Email: brad_at_ccbootcamp.com
Toll Free: 877-654-2243
Direct: +1-702-968-5100 = Outside the USA
FAX: +1-702-446-8012
YES! We take Cisco Learning Credits!
Training And Remote Racks: http://www.ccbootcamp.com

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
CCIE
Sent: Sunday, May 03, 2009 7:05 AM
To: ccielab_at_groupstudy.com
Subject: Natting the traffic that comes through a tunnel

Hi experts,

I have two router with an IP connectivity between them

RouterA===========IP connectivity==========RouterB

I configure a tunneling interface between them, the tunneling is working
perfectly.

RouterA tunnel source (Which is RouterB tunnel destination) is
configured as
an overloaded NAT on RouterA, so the traffic from RouterB LAN passing
through the tunnel is not natted on RouterA, it is not considered as NAT
hit.

It seems that RouterA consider the traffic as coming from an outside
interface (not inside, even the tunnel interface is configured as
inside).

Any advices?

Regards,

Amin

Blogs and organic groups at http://www.ccie.net
Received on Sun May 03 2009 - 20:47:20 ART

This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:41 ART