The link above presents Cisco ASA (Adaptive Security Appliance) high availability as a migration option for Stateful NAT.
Since then, the NAT Box-to-Box High-Availability feature has been added in IOS 15.3(2)T and later.
With this feature you can achieve NAT high availability on ISR G2 routers, as Stateful NAT did.
I will explain the feature overview, basic configuration/settings, and troubleshooting of NAT Box-to-Box High-Availability in the following sections.
NAT Box-to-Box High Availability (NAT BtoB HA, hereinafter) is a feature designed to improve fault tolerance when the links of a NAT router, or the router itself, fail unexpectedly.
In addition, asymmetric routing with Dynamic NAT is also supported.
The NAT BtoB HA consists of two components: a function called Redundancy Group (RG) to control active-standby state and the Network Address Translation (NAT) function.
Thus, you need to configure the two components (RG and NAT) for NAT BtoB HA.
Restrictions currently apply (for example, ALG is supported only for the FTP application), so please refer to the following document and verify the behavior thoroughly when you implement this feature.
Restrictions for NAT Box-to-Box High-Availability Support
As of now, NAT BtoB HA supports the following NAT features:
-Simple Static NAT configuration
-Extended Static NAT configuration
-Network Static NAT configuration
-Dynamic NAT and Port Address Translation (PAT) configuration
-NAT inside source, outside source, and inside destination rules
-NAT rules for Virtual Routing and Forwarding (VRF) instances to IP
-NAT rules for VRF-VRF (within same VRF)
Please note that interface overload options are not supported.
Key Configuration Element for NAT BtoB HA
Figure 1 shows the conceptual diagram of the configuration.
You need to configure the following interfaces for NAT BtoB HA:
-NAT inside/outside interface
-RG control interface (for exchanging control information by RG)
-RG data interface (for exchanging NAT session data, etc.)
-RG Asymmetric Routing (AR) interface (for forwarding AR packets from Standby to Active; optional)
You can define the RG Control/Data/AR interfaces on the same physical interface.
NAT BtoB HA supports the (LAN-LAN) configuration, which makes both the inside and outside NAT redundant, as well as the (WAN-LAN) configuration, which makes only the inside redundant. Figure 2 shows the topology of each configuration.
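A pre-deployment check for the requirements listed above, as an added example that is not part of the original article: it parses an IOS-style configuration and reports missing NAT inside/outside or RG control/data interfaces, and NAT rules that use the unsupported interface overload option. The sample configuration is constructed, and the RG and `redundancy ... mapping-id` command syntax as well as the function name `check_nat_b2b` are assumptions not taken from this page.

```python
import re

# Constructed sample config, not from the article. The RG/NAT command syntax
# (control/data under "group", "redundancy <id> mapping-id <id>") is assumed.
SAMPLE = """\
redundancy
 application redundancy
  group 1
   control GigabitEthernet0/2 protocol 1
   data GigabitEthernet0/2
interface GigabitEthernet0/0
 ip nat inside
interface GigabitEthernet0/1
 ip nat outside
ip nat inside source list 10 pool POOL1 redundancy 1 mapping-id 100 overload
ip nat inside source list 20 interface GigabitEthernet0/1 overload
"""

RULE = re.compile(r"ip nat (inside source|outside source|inside destination) ")

def check_nat_b2b(config):
    """Return a list of findings for a config intended to run NAT BtoB HA."""
    findings, groups, sides, rules, current = [], {}, set(), [], None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            current = None                  # a top-level command ends an RG block
        if m := re.fullmatch(r"group (\d+)", line):
            current = groups.setdefault(m.group(1), set())
        elif current is not None and line.split(" ")[0] in ("control", "data"):
            current.add(line.split(" ")[0])  # AR interface is optional: not tracked
        elif m := re.fullmatch(r"ip nat (inside|outside)", line):
            sides.add(m.group(1))
        elif RULE.match(line):
            rules.append(line)
    for side in ("inside", "outside"):
        if side not in sides:
            findings.append(f"no NAT {side} interface")
    for rg_id, roles in groups.items():
        for role in ("control", "data"):
            if role not in roles:
                findings.append(f"RG {rg_id}: no {role} interface")
    for rule in rules:
        rg = re.search(r" redundancy (\d+) mapping-id \d+", rule)
        if re.search(r" interface \S+ overload", rule):
            findings.append(f"interface overload not supported: {rule}")
        elif not rg:
            findings.append(f"rule not bound to an RG: {rule}")
        elif rg.group(1) not in groups:
            findings.append(f"rule references undefined RG {rg.group(1)}: {rule}")
    return findings
```

Running `check_nat_b2b(SAMPLE)` returns a single finding, for the `list 20` rule that translates to the interface address with overload.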