Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
521
Views
0
Helpful
3
Replies

Need help with NAT VRF Aware

dankennedy
Level 1
Level 1

‎07-02-2007 03:37 AM

Hi. I am having some problems with VRF aware NAT. I have followed the Cisco documentation, but i'm still having problems with dynamic nat.

The scenerio is i have a VRF called CUST1 which i can NAT if i use static vrf NAT, but not dynamic. The configuration is as follows

ip nat pool CUSTA_POOL 192.168.10.17 192.168.10.17 netmask 255.255.255.0

ip nat source list CUSTA_NAT pool CUSTA_POOL vrf CUSTA overload

!

ip route vrf CUSTA 0.0.0.0 0.0.0.0 FastEthernet0/0 217.20.23.17

!

ip access-list standard CUSTA_NAT

permit 172.16.0.0 0.0.255.255 log

!

!

interface FastEthernet0/0

description "OUTSIDE INT"

ip vrf forwarding SHARED_INT

ip address 192.168.10.1 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex full

!

!

interface Ethernet2/0.1

encapsulation dot1Q 10

ip vrf forwarding CUSTA

ip address 172.16.1.10 255.255.255.252

ip nat inside

ip virtual-reassembly

!

When using the configuration as above i can see that NAT does not take place as i can see the real address (172.16.1.9) on the next hop. If i use a static NAT statement like...

ip nat inside source static 172.16.1.9 192.168.10.17 vrf CUSTA

It will succesfully NAT. Any help with this would be much appreciated.

Thanks

Dan.

Labels:
0 Helpful
3 Replies 3

mheusing
Cisco Employee
Cisco Employee

‎07-02-2007 04:48 AM

Hi,

With the configuration above there were some restrictions depending on platform and IOS version - including VRF to VRF NAT, if I remember correctly.

Did you have a look at the NAT virtual interface at

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a008041d91a.html

This should be solving your issue. The document will give you an example for static as well as dynamic NAT. All you need to do, is to adjust names and addresses, I guess.

Hope this helps!

Regards, Martin

0 Helpful

dankennedy
Level 1
Level 1
In response to mheusing

‎07-02-2007 05:20 AM

This did not solve my issue. I do have the an IOS supporting all required features. Any other ideas?

Thanks

Dan.

0 Helpful

swaroop.potdar
Level 7
Level 7
In response to dankennedy

‎07-02-2007 09:21 PM

Hi Dan, you config in this post looks like for a NAT between a VRF and global interface, going by the "ip route".

Please do refer to which Cisco document you have been suing for the same.

If its a NAT between VRF and a Global interface, I have replied to it in the other thread. If its VRF to VRF then Martin has given the right link.

HTH-Cheers,

Swaroop

0 Helpful
Customers Also Viewed These Support Documents