EEM Script to Automate DHCP/NAT changes on WAN address

Jmyhndrx123
Level 1

Hi all,

I'm new to EEM scripting.

I need to know if it's possible to write a simple script on a DHCP client used for a backup in a call center.

If power is lost or a connection is lost to the WAN interface, the address will change from time to time. It does happen.

I have a bunch of static nat and port forwarding statements that don't work after the address change.

Is there a way to tell the router "consider all of the subnet possible addresses in a /192 subnet situation" ?

Then translate all nat statements to the new WAN address?

Thanks

I'm not sure if I'm asking the right question yet but that is close.

Back up router is a DHCP client and changes addresses from time to time. The router is a 3825 running 12.3 adventerprise image.

It's not going to be updated past that.

Thanks again

evan

5 Replies

Joe Clarke
Cisco Employee

I'm still not clear what you want.  When configuring NAT, you don't have to specify a pool.  You can specify an interface name instead so that translation always happens to that interface:

ip nat inside source list 101 interface Gi0/1 overload

Plus, if you only have 12.3 mainline code, you do not have the capability to do what you want with EEM.  You would need 12.3(14)T or higher to be able to do Tcl and EEM scripting.

Thanks Joseph,

I guess I can't do it in any case because of the IOS ver. it's actually 12.3 (11).

We have a lot of static port forwarding going on. I'm not sure how it's going to work when the WAN address changes.

I was looking for a way to keep all of the one to one static nat statements working to the inside servers. Eventually they have to get a static ip address for the backup.

Thanks again.

evan

p.s. how would one do it if we get the updated ios ver. I see problems coming if I don't take some proactive measure.

Some way to monitor the WAN address change and keep the port forwarding exactly the same and maybe notify someone that it did change as it's a DHCP client?

There is a DHCP syslog message that is generated when the IP address changes.  I don't have it off the top of my head, but you could do something like this:

event manager applet change-address
 event syslog pattern "DHCP"
 action 001 cli command "enable"
 action 002 cli command "show int Fa0 | inc Internet address is"
 action 003 regexp "is ([0-9\.]+)" "$_cli_result" match addr
 action 004 cli command "config t"

(From here, just do actions to replace the current NAT statements with $addr as the new WAN address.)

Thanks Joseph,

I'm not sure how to enter the info in the action statements but I appreciate the start and the quick lesson.

thanks again

evan

Like:

 action 005 cli command "no ip nat ..."
 action 006 cli command "ip nat ..."

Essentially do what you would do manually, and keep incrementing the action number.
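
Added example (not part of the original thread and not Cisco's code): a Python helper that turns a router's existing static NAT statements into the numbered `no ip nat` / `ip nat` action lines the replies above describe, continuing from action 005. The sample config, the address 203.0.113.5 and the function names are constructed for illustration; `$addr` is the variable set by action 003 in the applet.

```python
import ipaddress

# Constructed sample config; 203.0.113.5 stands in for the current WAN address.
SAMPLE_CONFIG = """\
ip nat inside source list 101 interface FastEthernet0 overload
ip nat inside source static tcp 192.168.1.10 80 203.0.113.5 80
ip nat inside source static tcp 192.168.1.11 3389 203.0.113.5 3389 extendable
ip nat inside source static 192.168.1.20 203.0.113.50
"""

PREFIX = ["ip", "nat", "inside", "source", "static"]


def rewrite_static_nat(line, old_wan, new_token):
    """Return the line with its global address replaced, or None if it does not apply."""
    tokens = line.split()
    if tokens[:5] != PREFIX:
        return None
    # Port forward:  static tcp|udp <local> <lport> <global> <gport>
    # One-to-one:    static <local> <global>
    idx = 8 if len(tokens) > 5 and tokens[5] in ("tcp", "udp") else 6
    # Compare whole tokens so 203.0.113.5 never matches 203.0.113.50.
    if len(tokens) <= idx or tokens[idx] != old_wan:
        return None
    tokens[idx] = new_token
    return " ".join(tokens)


def build_actions(config_text, old_wan, start=5, new_token="$addr"):
    """Build EEM action lines that remove and re-add each static NAT entry."""
    ipaddress.IPv4Address(old_wan)  # raises ValueError on a malformed address
    actions = []
    number = start
    for line in config_text.splitlines():
        new_line = rewrite_static_nat(line, old_wan, new_token)
        if new_line is None:
            continue  # dynamic NAT, other addresses and unrelated lines are left alone
        for cmd in ("no " + " ".join(line.split()), new_line):
            actions.append('action %03d cli command "%s"' % (number, cmd))
            number += 1
    return actions


if __name__ == "__main__":
    print("\n".join(build_actions(SAMPLE_CONFIG, "203.0.113.5")))
```

The generated `no` lines contain the address that was current when they were generated, so the action lines have to be regenerated after each address change.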
