Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
772
Views
0
Helpful
4
Replies

Dynamic Natting Issue

nitinj
Level 1
Level 1

‎03-19-2006 02:41 AM - edited ‎03-03-2019 12:06 PM

Hi All, I have an issue with dynamic natting. I am using cisco 3725 router on which I hv one vsat & two isdn link for internet. I got the public IPs from VSAT provider but they hav not provided public IP for serial link so I have created private ip network in between PIX & router & did the natting on cisco router for VSAT with IP nat inside source list 1 int fa0/1(vsat link terminating on interface) overload command now when vsat goes down internet thru isdn does not work as there is no natting as such on router for isdn link. so I created another acess-list 2 for natting on isdn interface....with ip nat inside source list 2 interface dialer1 overload command....but still internet is not working..can you tell me how can I run internet from both interface when either link goes down...internet shud work. dont want load balancing...i want backup fallback..

NK

Labels:
0 Helpful
4 Replies 4

pkhatri
Level 11
Level 11

‎03-19-2006 03:14 AM

Hi,

Do something like the following:

ip route 0.0.0.0 0.0.0.0 serial0

ip route 0.0.0.0 0.0.0.0 dialer1 250

!

ip nat inside source route-map ISP1-map interface serial0 overload

ip nat inside source route-map ISP2-map interface dialer0 overload

!

route-map ISP11-map permit 10

match ip address 1

match interface serial0

!

route-map ISP12-map permit 10

match ip address 1

match interface dialer1

Hope that helps - pls rate the post if it does.

Paresh

0 Helpful

nitinj
Level 1
Level 1
In response to pkhatri

‎03-20-2006 05:42 AM

Hi,Thanks for replying...can you tell me have u ever tried this as I dont think it will work...right now I am using below mentioned commands

ip nat inside source list 1 interface fa0/1 overload (this is for vsat)

access-list 1 permit 172.x.x.x

access-list 1 permit any

IP nat inside source list 2 interface dialer1 overload

access-list 2 permit any

but once i put dialer1 overload command my running internet stop working on vsat...once I remove this command it starts working...so I put the route amp for isdn as below

route-map ISDN permit 10

match interface dialer1

ip nat inside source route-map ISDN interface dialer1

i this case my internet which is working on vsat does not stop but when vsat goes down internet on ISDN dowsnot work....

so please let me know if I user route map for both would it work?? or u r not sure ???

Please as it is very critical situation I have to have resolve it.

thanks

NK

0 Helpful

pkhatri
Level 11
Level 11
In response to nitinj

‎03-20-2006 02:47 PM

Hi,

I have used this setup before, with 2 route-maps and it works very well. I suggest you use two route-maps and re-try it, since what you have got currently results in overlapping ACLs for the two 'ip nat inside source list' commands...

Cisco recommends that you don't use the 'permit any' match in ACLs used with NAT so I suggest that you make the ACL more specific.

Paresh

0 Helpful

nitinj
Level 1
Level 1
In response to pkhatri

‎03-20-2006 11:49 PM

Hi, thanks paresh...let me try it.

0 Helpful
Customers Also Viewed These Support Documents