Re: Natting the traffic that comes through a tunnel

From: shoaib mohammad <shoaibmohammad0_at_gmail.com>
Date: Mon, 4 May 2009 09:53:52 +0300

Make sure you have the default route on RouterB pointing to RouterA's
tunnel IP, 10.10.10.1.
Also, you must have a route on RouterA for 172.16.2.0/24 pointing to
RouterB's tunnel IP, 10.10.10.2.

Then ping from RouterA with source IP 1.1.1.1.

If you are able to ping, then it should work; the rest of the configuration
looks okay.

If you are still having the issue, please post the complete configuration
of both routers.

Regards,
Shoaib

On Sun, May 3, 2009 at 8:47 PM, CCIE <ccie_at_axizo.com> wrote:
> Hello dear,
> Here is the configuration; the routing is configured correctly.
>
> RouterA
> Int f0/0
> Ip add 1.1.1.1 255.255.255.0
> Ip nat outside
>
> Int f0/1
> Ip add 172.16.1.1 255.255.255.0
> Ip nat inside
>
> Int tu 0
> Ip nat inside
> Tunnel source 1.1.1.1
> Tunnel destination 2.2.2.2
> Ip add 10.10.10.1 255.255.255.252
>
> Access-list 10 per 172.16.0.0 0.0.255.255
> Ip nat inside source list 10 interface f0/0 overload
>
> RouterB
> Int f0/0
> Ip add 2.2.2.2 255.255.255.0
>
> Int f0/1
> Ip add 172.16.2.1 255.255.255.0
>
> Int tu 0
> Tunnel source 2.2.2.2
> Tunnel destination 1.1.1.1
> Ip add 10.10.10.2 255.255.255.252
>
> There is correct routing configured between RouterA and RouterB; each of them
> can ping the tunnel IP of the other side.
> The hosts on the LAN of RouterA can access the internet through the NAT, but
> the RouterB LAN can't access the internet through RouterA.
>
> Regards,
> Amin
>
>
> -----Original Message-----
> From: Brad Ellis [mailto:brad_at_ccbootcamp.com]
> Sent: Sunday, May 03, 2009 5:10 PM
> To: CCIE; ccielab_at_groupstudy.com
> Subject: RE: Natting the traffic that comes through a tunnel
>
> Post your configs from both routers.
>
> thanks,
> Brad Ellis
> CCIE#5796 (R&S / Security)
> CCSI# 30482
> CEO / President
> CCBOOTCAMP - A Cisco Learning Partner (CLP)
> Email: brad_at_ccbootcamp.com
> Toll Free: 877-654-2243
> Direct: +1-702-968-5100 = Outside the USA
> FAX: +1-702-446-8012
> YES! We take Cisco Learning Credits!
> Training And Remote Racks: http://www.ccbootcamp.com
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> CCIE
> Sent: Sunday, May 03, 2009 7:05 AM
> To: ccielab_at_groupstudy.com
> Subject: Natting the traffic that comes through a tunnel
>
> Hi experts,
>
> I have two routers with IP connectivity between them:
>
> RouterA===========IP connectivity==========RouterB
>
> I configured a tunnel interface between them, and the tunnel is working
> perfectly.
>
> RouterA's tunnel source (which is RouterB's tunnel destination) is
> configured as
> an overloaded NAT on RouterA, so the traffic from the RouterB LAN passing
> through the tunnel is not natted on RouterA; it is not considered a NAT
> hit.
>
> It seems that RouterA considers the traffic as coming from an outside
> interface (not inside, even though the tunnel interface is configured as
> inside).
>
> Any advice?
>
> Regards,
>
> Amin
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Received on Mon May 04 2009 - 09:53:52 ART
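
The routing conditions named in the reply above, checked in a small model (an added example, not part of the original thread). It assumes classic IOS inside/outside NAT, where a packet is routed first and translated only if it enters an inside interface, leaves an outside one and matches the ACL. RouterA's default route, RouterB's route to 1.1.1.0/24, the host addresses and all function names are assumptions, and the recursive-routing check goes beyond what the reply states.

```python
import ipaddress

# Constructed model of the thread's lab; names and addresses come from the posted configs.
NAT_ROLE = {"Fa0/0": "outside", "Fa0/1": "inside", "Tunnel0": "inside"}  # RouterA
ACL_10 = ipaddress.ip_network("172.16.0.0/16")  # access-list 10 permit 172.16.0.0 0.0.255.255
NAT_ADDR = "1.1.1.1"  # overload onto Fa0/0

def lookup(routes, dst):
    """Longest-prefix match over (prefix, egress interface) pairs; None if no route."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), ifc) for p, ifc in routes]
    hits = [(n, ifc) for n, ifc in nets if addr in n]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def router_a_forward(routes_a, ingress, src, dst):
    """Route first, then translate only inside -> outside traffic matching ACL 10."""
    egress = lookup(routes_a, dst)
    translate = (NAT_ROLE.get(ingress) == "inside" and NAT_ROLE.get(egress) == "outside"
                 and ipaddress.ip_address(src) in ACL_10)
    return egress, (NAT_ADDR if translate else src)

def check(routes_a, routes_b, host="172.16.2.10", internet="198.51.100.7"):
    """Follow one flow from RouterB's LAN to the internet and back; return findings."""
    findings = []
    if lookup(routes_b, internet) != "Tunnel0":
        findings.append("RouterB: internet traffic is not routed into the tunnel")
    if lookup(routes_b, "1.1.1.1") == "Tunnel0":
        findings.append("RouterB: tunnel destination resolves via Tunnel0 (recursive routing)")
    egress, src_seen = router_a_forward(routes_a, "Tunnel0", host, internet)
    if egress != "Fa0/0" or src_seen != NAT_ADDR:
        findings.append("RouterA: packet from the tunnel is not translated")
    if lookup(routes_a, host) != "Tunnel0":
        findings.append("RouterA: reply to 172.16.2.0/24 is not routed back into the tunnel")
    return findings

# Routing tables (constructed). RouterA's default route and RouterB's route to
# 1.1.1.0/24 are assumptions; the thread only says the routers can reach each other.
A_BASE = [("1.1.1.0/24", "Fa0/0"), ("172.16.1.0/24", "Fa0/1"),
          ("10.10.10.0/30", "Tunnel0"), ("0.0.0.0/0", "Fa0/0")]
B_BASE = [("2.2.2.0/24", "Fa0/0"), ("172.16.2.0/24", "Fa0/1"),
          ("10.10.10.0/30", "Tunnel0"), ("1.1.1.0/24", "Fa0/0")]
A_FIXED = A_BASE + [("172.16.2.0/24", "Tunnel0")]  # route named in the reply
B_FIXED = B_BASE + [("0.0.0.0/0", "Tunnel0")]      # default route named in the reply

if __name__ == "__main__":
    for label, a, b in [("before", A_BASE, B_BASE), ("after", A_FIXED, B_FIXED)]:
        print(label, check(a, b) or "flow is translated and returned")
```

In this model the NAT statements as posted already translate tunnel traffic; the findings that remain without the two static routes are routing ones.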

This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:41 ART