The above link introduces Cisco ASA (Adaptive Security Appliance) high availability as a migration option for Stateful NAT.
Later, the NAT Box-to-Box High-Availability feature was added in IOS 15.3(2)T and later releases.
With this feature, you can achieve NAT high availability on ISR G2 routers, as Stateful NAT did.
I will explain the feature overview, basic configuration/settings, and troubleshooting of NAT Box-to-Box High-Availability in the following sections.
NAT Box-to-Box High Availability (NAT BtoB HA, hereinafter) is a feature designed to improve fault tolerance when the NAT router's links or the router itself fail unexpectedly.
In addition, asymmetric routing with Dynamic NAT is also supported.
The NAT BtoB HA consists of two components: a function called Redundancy Group (RG) to control active-standby state and the Network Address Translation (NAT) function.
Thus, you need to configure the two components (RG and NAT) for NAT BtoB HA.
Because restrictions currently apply (for example, ALG is supported only for the FTP application), please refer to the following document and verify the behavior thoroughly when you implement this feature.
Restrictions for NAT Box-to-Box High-Availability Support
As of now, NAT BtoB HA supports the following NAT features (please note that interface overload options are not supported):
-Simple Static NAT configuration
-Extended Static NAT configuration
-Network Static NAT configuration
-Dynamic NAT and Port Address Translation (PAT) configuration
-NAT inside source, outside source, and inside destination rules
-NAT rules for Virtual Routing and Forwarding (VRF) instances to IP
-NAT rules for VRF-VRF (within same VRF)
Key Configuration Element for NAT BtoB HA
Figure 1 shows the conceptual diagram of the configuration.
You need to configure the following interfaces for NAT BtoB HA:
-NAT inside/outside interface
-RG control interface (for exchanging control information by RG)
-RG data interface (for exchanging NAT session data, etc.)
-RG Asymmetric Routing (AR) interface (for forwarding AR packets from Standby to Active; optional)
You can define the RG Control/Data/AR interfaces on the same physical interface.
NAT BtoB HA supports the LAN-LAN configuration, which makes both the NAT inside and outside redundant, as well as the WAN-LAN configuration, which makes only the inside redundant. Figure 2 shows the topology of each configuration.
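As an added example (not part of the original article and not Cisco's code), the following pre-deployment check applies the restriction and the interface requirements above to a candidate configuration: it flags interface overload rules, NAT rules not bound to a redundancy group, and RGs lacking a control or data interface. The sample configuration is constructed, and the IOS keywords it matches ("redundancy <id> mapping-id <id>", "control", "data") are assumed from standard IOS syntax rather than taken from this section.

```python
import re

# Constructed sample config (not from the article). Interface names, addresses,
# pool name, ACL numbers and RG/mapping IDs are assumptions for illustration.
SAMPLE_CONFIG = """\
redundancy
 application redundancy
  group 1
   control GigabitEthernet0/2 protocol 1
   data GigabitEthernet0/2
interface GigabitEthernet0/0
 ip nat inside
interface GigabitEthernet0/1
 ip nat outside
ip nat pool POOL1 203.0.113.10 203.0.113.20 prefix-length 24
ip nat inside source list 1 pool POOL1 redundancy 1 mapping-id 100 overload
ip nat inside source list 2 interface GigabitEthernet0/1 overload
ip nat inside source static 10.0.0.5 203.0.113.5
"""

def audit_nat_btob_ha(config):
    """Return (code, detail) findings for a NAT BtoB HA candidate config."""
    groups, rule_rgs, sides, findings, current = {}, [], set(), [], None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            current = None  # top-level line: we left any indented RG block
        grp = re.fullmatch(r"group (\d+)", line)
        if grp and raw.startswith(" "):
            current = groups.setdefault(grp.group(1), set())
        elif current is not None and line.split(" ")[0] in ("control", "data"):
            current.add(line.split(" ")[0])  # RG control / data interface
        elif line in ("ip nat inside", "ip nat outside"):
            sides.add(line.split()[-1])
        elif re.match(r"ip nat (inside|outside) (source|destination) ", line):
            rg = re.search(r" redundancy (\d+) mapping-id \d+", line)
            if re.search(r" interface \S+ overload", line):
                findings.append(("unsupported-interface-overload", line))
            elif rg is None:
                findings.append(("rule-not-bound-to-rg", line))
            else:
                rule_rgs.append((rg.group(1), line))
    # Rules may reference an RG defined later in the file, so check at the end.
    findings += [("undefined-rg", l) for g, l in rule_rgs if g not in groups]
    for gid, parts in sorted(groups.items()):
        findings += [("rg-missing-%s-interface" % need, "group " + gid)
                     for need in ("control", "data") if need not in parts]
    findings += [("no-nat-%s-interface" % s, "") for s in ("inside", "outside")
                 if s not in sides]
    return findings
```

Run it against the saved configuration of both routers before enabling the feature; the optional AR interface is deliberately not required by the check.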