07-04-2012 06:16 AM - edited 03-04-2019 04:52 PM
Hi, i was building a site to site VPN with client. and wanted to to conditional PAT on that but not successfull.
What i want to do is PAT source subnet 10.0.0.0/8 on to 8.224.44.1 for destination 172.16.1.1
in ACL Encryption domain i have
ip access-list Extended VPNLIST
permit ip host 8.224.44.1 host 172.16.1.1
on nat i am trying to do is.
ip nat inside source list NATACL pool PATIP overload
ip access-list NATACL
permit ip 10.0.0.0 0.255.255.255 host 172.16.1.1
ip access-list PATIP
permit 8.224.44.1
but its not working. any ideas, how can i accomplish conditional PAT?
Solved! Go to Solution.
07-04-2012 07:33 AM
Hi,
to create a pool you must do this:
ip nat pool PATIP 8.224.44.1 8.224.44.1 prefix-length 24
Regards.
Alain.
Don't forget to rate helpful posts.
07-04-2012 07:33 AM
Hi,
to create a pool you must do this:
ip nat pool PATIP 8.224.44.1 8.224.44.1 prefix-length 24
Regards.
Alain.
Don't forget to rate helpful posts.
07-05-2012 08:43 AM
Hi Alain,
i was able to fix my issue be creating a loop back, and then overloading on that.
and yes you are right i was creating Pool wrong, if i would have tried as you suggested that would have fixed the issue as well, so full marks to you.
one issue i still faced was one packet success one drop and then one success then one drop.
I had to disable i route caaching on my outgoing interface on which crypto was applied, might be IOS bug.
thank you , i am good to go
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide