Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1022
Views
0
Helpful
2
Replies

SNAT on routed mode.

Go to solution
lucas restrepo
Level 1
Level 1

‎06-29-2011 12:57 PM

Hi,

i have a topology where i have to set up an ACE in routed mode with two context. one for service provider A and one for ISP B.

what i want to do is when i receive a request coming from service proveder A i would like to SNAT that request to de VIP with a specific IP of the servers LAN to hide the source IP of the cliente in that way a can receive the request on the server with a local IP and the resever can respond to that IP.

in the same way to handle traffic on the second ISP.

i have try to set up the configuration in the same way it would work in one arm but it has not worked out for me.

is there a guide to follow or if someone can help me whit this config.

best regards.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
pablo.nxh
Level 3
Level 3

‎06-29-2011 03:18 PM

Hi Lucas,

Does your current NAT config like this?

class-map match-any ISP-1

  2 match virtual-address 20.20.20.10 tcp any

policy-map multi-match LB

  class ISP-1

    loadbalance vip inservice

    loadbalance policy ISP

    loadbalance vip icmp-reply active

    nat dynamic 7 vlan 10

interface vlan 10

  description Server VLAN

  ip address 10.10.10.1 255.255.255.0

  nat-pool 7 10.10.10.15 10.10.10.20 netmask 255.255.255.0 pat

  access-group input any

  access-group output any

  no shutdown

interface vlan 20

  description ISP VLAN

  ip address 20.20.20.1 255.255.255.0

  access-group input any

  access-group output any

  service-policy input LB

  no shutdown

__ __

Pablo

View solution in original post

0 Helpful
2 Replies 2

Go to solution
pablo.nxh
Level 3
Level 3

‎06-29-2011 03:18 PM

Hi Lucas,

Does your current NAT config like this?

class-map match-any ISP-1

  2 match virtual-address 20.20.20.10 tcp any

policy-map multi-match LB

  class ISP-1

    loadbalance vip inservice

    loadbalance policy ISP

    loadbalance vip icmp-reply active

    nat dynamic 7 vlan 10

interface vlan 10

  description Server VLAN

  ip address 10.10.10.1 255.255.255.0

  nat-pool 7 10.10.10.15 10.10.10.20 netmask 255.255.255.0 pat

  access-group input any

  access-group output any

  no shutdown

interface vlan 20

  description ISP VLAN

  ip address 20.20.20.1 255.255.255.0

  access-group input any

  access-group output any

  service-policy input LB

  no shutdown

__ __

Pablo

0 Helpful

Go to solution
lucas restrepo
Level 1
Level 1
In response to pablo.nxh

‎06-30-2011 01:23 PM

Hi Pablo.

you have been of great help this config worked out perfectly.

the was that the site had a redirect on http but the site has not been plibished on the dns server.

but the nat setup help me a great deal.

best regards.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card