Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9033
Views
0
Helpful
5
Replies

GRE Tunnel - outgoing Nat is not being applied router to router

Go to solution
Ranbeckycr_2
Level 1
Level 1

‎11-21-2011 08:55 AM - edited ‎03-04-2019 02:21 PM

Hello Experts,

I need to nat all my outgoing traffic over GRE.  All traffic should be natted to 192.18.1.60  when the destination is

172.17.4.30.  My problem is that when traffic hits the inside interface of the router and I apply the command "show ip nat translation"  I don't see anything happening on my router. This is my first time applying nat over GRE.

The GRE tunnel is up, I can ping the destination of 172.10.10.6 and the other GRE end 10.10.4.x

This is my config:

hostname Office1

!

!

interface Tunnel1

description office1 -->office22

ip address 10.10.4.114 255.255.255.252

delay 1

keepalive 4 2

tunnel source 172.10.10.10

tunnel destination 172.10.10.6

!

interface FastEthernet0/0

description 2Mbps

ip address 172.10.10.10 255.255.255.252

ip nat outside

ip virtual-reassembly

!

interface FastEthernet0/1

description inside

ip address 192.168.77.66 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.10.10.9

ip route 172.17.4.30 255.255.255.255 10.10.4.113 name office22

ip route 10.10.4.112 255.255.255.252 Tunnel1

!

ip http server

no ip http secure-server

ip nat pool office1-office22 192.18.1.60 192.18.1.60 netmask 255.255.255.252

ip nat inside source list office22 pool office1-office22 overload

!

ip access-list extended office22

permit ip 192.168.77.0 0.0.0.255 host 172.17.4.30

!

Thanks for any help provided on this matter.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andrew.prince
Level 10
Level 10
In response to Ranbeckycr_2

‎11-21-2011 09:54 AM

Yes that should be fine - should have no issues.  however I think you should refine you config to look something like the below:-

~

ip route 172.17.4.30 255.255.255.255 tunnel 1

~

ip nat pool LAN-NAT 192.18.1.60 192.18.1.60 prefix-length 24

ip nat inside source route-map GRE-NAT pool LAN-NAT

~

ip access-list extended Office22

permit ip 192.168.77.0 0.0.0.255 host 172.17.4.30

~

route-map GRE-NAT permit 10

match ip address Office22

~

View solution in original post

0 Helpful
5 Replies 5

Go to solution
andrew.prince
Level 10
Level 10

‎11-21-2011 09:15 AM

Add "ip nat outside" to tunnel 1

HTH>

0 Helpful

Go to solution
Ranbeckycr_2
Level 1
Level 1
In response to andrew.prince

‎11-21-2011 09:43 AM

Andrew thanks for the help!   So just to clarify, I will have two "ip nat outside".

One ip nat outside on the Fastethernet0/0 and One ip nat outside on the Tunnel?

I appreciate your assistance and clarification.

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to Ranbeckycr_2

‎11-21-2011 09:54 AM

Yes that should be fine - should have no issues.  however I think you should refine you config to look something like the below:-

~

ip route 172.17.4.30 255.255.255.255 tunnel 1

~

ip nat pool LAN-NAT 192.18.1.60 192.18.1.60 prefix-length 24

ip nat inside source route-map GRE-NAT pool LAN-NAT

~

ip access-list extended Office22

permit ip 192.168.77.0 0.0.0.255 host 172.17.4.30

~

route-map GRE-NAT permit 10

match ip address Office22

~

0 Helpful

Go to solution
Ranbeckycr_2
Level 1
Level 1
In response to andrew.prince

‎11-21-2011 09:56 AM

Awesome, I'll give it a shot!  Thanks

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to Ranbeckycr_2

‎11-21-2011 09:58 AM

Sure no problem.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card