01-31-2010 07:41 AM
Hi, I have a couple of questions to do with NAT on 7600 and VRF NAT on 7600.
Is it supported on 7600 series and if yes, what Route Processor and what IOS Version?
Is it Software Based? Is there a hardware accelaration (like a SPA Card) someone could use?
I've seen some network books and almost all of them use 7200 series. One of them is suggesting to use PIX Blade as an alternative for high capacity NAT performance, but I assume that is too old?.
Regards.
01-31-2010 04:42 PM
Hello pavlosd,
NAT per VRF is not supported on the Catalyst 6500 series switches and the Cisco 7600 series routers
You can use FWSM to do NAT per VRF, but this is a new feature in ver 3.2(1) and the FWSM has to operate in transparent mode not routed mode.
From the FWSM config guide:
Introducing NAT support for transparent firewalls addresses the NAT per VRF requirement while offering the capability to run routing protocols through the firewall with a simple configuration.
Here is the config guide for FWSM:
http://www.ciscosystems.com/en/US/docs/security/asdm/6_1f/user/guide/intro_platform.html#wp1061017
HTH
Reza
02-02-2010 08:13 AM
Hello Reza,
FWSM 3.2.1 is not so new, the real issue is the original poster should get a FWSM if they haven't one already installed in the C7600 chassis
Hope to help
Giuseppe
02-02-2010 09:23 PM
Investing in a FWSM currently, is not something we would like to do, since the roadmap is not so clear for the specific product or for the compatibility of it with new IOS and features / Cards. I would prefer having a separate ASA box next to the 7600 instead.
I was more looking into a newer version card for NAT, similar to the one that is available for the CRS (not in that scale though :-)....
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide