samuel

Will get the config to you soon.

Wilson

Please find attached config. the other 6506 is identical appart from IP addressing.

>ip address 100.4.20.2 255.255.255.192

IP range is from 100.4.20.0 - 63

*** ip route 100.4.20.64 255.255.255.192 Vlan60

10.4.20.64 - 127 is out of the IP range

Hi

I should have explained that Vlan 60 addressing is

100.4.20.0 to 100.4.20.63 255.255.255.192 (outside)

The nat addresses take the next range 100.4.20.64 to

100.4.20.127

vlan 1 the addresses to be natted 10.0.0.0 255.0.0.0

(inside) but i am only using about 40 management addresses out of this range.

Hi, I should explain more.

Your 1st Question:

The problems is I can only get NAT to work if I put a static route pointing to VLAN 60.

Answer:

int vlan60 define ip range from 100.4.20.0 to 63

So, you should add static route before routing process can know 100.4.20.64-127 is belong to which interface.

2nd Question:

...why add to other 6506... nat don't work...

there are some issues making this result:

1. 2 x 6506 nat config is the same ???

2. routing make loops ?

3. How outside ip reply the right 6506 not the other 6506?

More information needed...

Hi again

I am using hsrp with the second 6506 as the secondary redundent switch. If the primary 6506 goes down then the other takes over, but without the static route pointing to Vlan 60 (on the secondary 6506)the NAT will not work?

Your first question 2 x nat config is the same. only the static nat is the same the other has diffrent interface i.e. ip addresses secondary 6505 vlan 60 int 100.4.20.3 the same for vlan 1.

2. Yes I see this may be the reason why it will not accept the static roure to vlan60 on the other switch.

3. because there is no route on the other.

I suppose my real question is how do I get nat to work in a redundent setup? i.e. if the primary 6506 fails how do I get the secondary to pick up the nat translations?

Regards John