09-12-2019 10:19 PM
Hi Community,
Currently the 3 Routers are managed by us, now customer informed us that they will advertise a LAN Prefix via BGP
12.212.0.0 /16
Note: after the Router there are FW facing the other networks cloud
In which we created an ACL for it
access-list 110 remark ** LAN PREFIX **
access-list 110 permit ip 12.212.0.0 0.0.255.255 any
After that we are able to received routes from the LAN prefix
R1#show ip bgp neighbors 10.220.189.112 received-routes | inc 12.212
*> 12.212.0.0/16 10.220.189.112 87 0 131470 ?
R1#show ip bgp neighbors 10.245.195.115 received-routes | inc 12.212
*> 12.212.0.0/16 10.245.195.115 87 0 131470 ?
R1#show ip bgp neighbors 10.240.192.121 received-routes | inc 12.212
*> 12.212.0.0/16 10.240.192.121 91 0 136571 136571 136571 ?
The customer requested to see the IP Nat translations, as per checking we are unable to see any translated IP from the LAN prefix but we are able to see other LAN segments from same AS being translated.
What I can see on the Config is that it is overloaded to the Loopback 0 but i am not sure how come other segments are being translated yet the received routes is not translated.
I just want to have some clarification how it works.
!
interface Loopback0
ip address 192.168.19.9 255.255.255.255
!
ip nat inside source list 110 interface Loopback0 overload
!
interface GigabitEthernet0/1
description LAN: iBGP
ip nat inside
!
route-map FP-193 permit 10
match ip address 100
!
access-list 100 permit ip 49.256.26.0 0.0.0.15 any (Facing FW)
!
BGP
redistribute eigrp 99 route-map FP-193
09-13-2019 12:36 AM
Hello,
looking at the partial configuration you have posted, what are you matching in your NAT statement ?
ip nat inside source list 110 interface Loopback0 overload
!
route-map FP-193 permit 10
match ip address 100
!
access-list 100 permit ip 49.256.26.0 0.0.0.15 any (Facing FW)
Right now you are not matching anything. If the network in access list 100 is what you need to translate, use either:
ip nat inside source list 100 interface Loopback0 overload
or
ip nat inside source route-map FP-193 interface Loopback0 overload
09-13-2019 03:08 AM
09-13-2019 04:40 AM
Hello,
post the full running configuration of the router.
How is the firewall involved, does the firewall do any NAT translation as well ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide