EEM script for NAT change during WAN failover

ReUse888
Level 1

Hi there, I have been running an EEM script in IOS-XE (1100 series ISR) to change a bunch of NAT entries when my primary WAN fails over to my secondary, e.g. …

 

event manager applet PRI_Down
 description If Dialer is down then clear NAT and RandR NAT entries
 event track 1 state down
 action 1.1 cli command "enable"
 action 1.2 cli command "configure terminal"
 action 1.3 cli command "do clear ip nat translation forced"
 action 1.4 cli command "no ip nat inside source static tcp 192.168.1.2 443 interface Dialer0 443"
 action 1.5 cli command "ip nat inside source static tcp 192.168.1.2 443 interface Cellular0/2/0 443"

 

…. This is just one of many NATs that get swapped out. Most of these correctly ‘swap out’; however, some get ‘stuck’ and don’t get replaced.

I know if I manually remove and re-add these NATs I sometimes get a “Port #### in use by…” system error, which I think is due to the external IP I am using for my static NAT also being used for the PAT pool, so the port is already allocated. If I shut the WAN interface down and re-add the NAT lines, they are accepted without issue… So my question…..

Please help me with a better EEM script!

Note - You may laugh, but I added a line to shut the interface down and then re-add the NAT entries, but of course that sent the primary and secondary links into a never-ending loop of detection, switchover, shutdown.

3 Replies

No need for EEM; you can use conditional static NAT:

https://www.ciscozine.com/using-route-maps-for-conditional-nat/

MHM