cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4299
Views
5
Helpful
5
Replies

SNAT- use the virtual HSRP IP for the IP in your NAT pool

t.doherty
Level 1
Level 1

I'm configuring stateful nat with HSRP between two routers with overload to PAT to one IP address. Is it possible to use the virtual/standby IP configured for HSRP as the IP in the nat pool statement with the overload command? For example:

router1

f0/0

10.1.1.1 255.255.255.0

ip nat outside

standby ip 10.1.1.3

standby name SNAT

standby priority 110

standby preempt

int s0/0/0

192.168.1.1 255.255.255.252

ip nat inside

ip nat Stateful id 1

redundancy SNAT

mapping-id 1

protocol udp

ip nat pool NAT 10.1.1.3 10.1.1.3 netmask 255.255.255.0

ip nat inside source list HIDE_IP pool NAT mapping-id 1 overload

router 2

f0/0

10.1.1.2 255.255.255.0

ip nat outside

standby ip 10.1.1.3

standby name SNAT

standby priority 105

standby preempt

int s0/0/0

192.168.2.1 255.255.255.252

ip nat inside

ip nat Stateful id 1

redundancy SNAT

mapping-id 1

protocol udp

ip nat pool NAT 10.1.1.3 10.1.1.3 netmask 255.255.255.0

ip nat inside source list HIDE_IP pool NAT mapping-id 1 overload

Thanks

5 Replies 5

aghaznavi
Level 5
Level 5

I think it is possible. The link below has an example of using overload commands on IP nat pool in HSRP.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps6969/ps1839/prod_white_paper0900aecd8052870b.html

What about using stateful NAT with overloading the outside interface?  I am not able to code the keyword "mapping-id" which would cause the active router to exchange state information with the standby.  I have 3925 router.  I can only code the mapping-id keyword if I am using a pool of ip addresses by which to NAT.

Please assist.

if you want to use one IP

then make the pool start and end as the same IP in this case you will be able to use the pool commands with maping-id and the IP will be used only the one you specified in the pool

by the way becareful that SNAT is end of life feature with Cisco IOS !!

End-of-Sale and End-of-Life Announcement for the Cisco IOS Stateful Failover of Network Address Translation (SNAT)

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6640/end_of_life_notice_c51-611706.html

hope this help

if helpful rate

This is beautiful!  How do I rate your comment?

Click on the stars under the post

Sent from Cisco Technical Support iPhone App

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco