07-04-2012 06:16 AM - edited 03-04-2019 04:52 PM
Hi, i was building a site to site VPN with client. and wanted to to conditional PAT on that but not successfull.
What i want to do is PAT source subnet 10.0.0.0/8 on to 8.224.44.1 for destination 172.16.1.1
in ACL Encryption domain i have
ip access-list Extended VPNLIST
permit ip host 8.224.44.1 host 172.16.1.1
on nat i am trying to do is.
ip nat inside source list NATACL pool PATIP overload
ip access-list NATACL
permit ip 10.0.0.0 0.255.255.255 host 172.16.1.1
ip access-list PATIP
permit 8.224.44.1
but its not working. any ideas, how can i accomplish conditional PAT?
Solved! Go to Solution.
07-04-2012 07:33 AM
Hi,
to create a pool you must do this:
ip nat pool PATIP 8.224.44.1 8.224.44.1 prefix-length 24
Regards.
Alain.
Don't forget to rate helpful posts.
07-04-2012 07:33 AM
Hi,
to create a pool you must do this:
ip nat pool PATIP 8.224.44.1 8.224.44.1 prefix-length 24
Regards.
Alain.
Don't forget to rate helpful posts.
07-05-2012 08:43 AM
Hi Alain,
i was able to fix my issue be creating a loop back, and then overloading on that.
and yes you are right i was creating Pool wrong, if i would have tried as you suggested that would have fixed the issue as well, so full marks to you.
one issue i still faced was one packet success one drop and then one success then one drop.
I had to disable i route caaching on my outgoing interface on which crypto was applied, might be IOS bug.
thank you , i am good to go
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: