Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
432
Views
4
Helpful
4
Replies

SD-WAN DIA - NAT-Type Interface , Pool , Loopback

Hamidreza
Level 1
Level 1

‎05-11-2024 02:06 PM

Hi everyone,

Currently, I've been using the Interface NAT type for Direct Internet Access (DIA) across multiple networks.

 

Hamidreza_1-1715461491434.png

 

However, I recently came across a Cisco article (Below link) suggesting the utilization of a Loopback interface for DIA instead. I'm a bit confused about this approach and would appreciate it if someone could explain to me how I can implement and configure the loopback interface for DIA.

https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/nat/nat-book-xe-sdwan/configure-nat.html

Labels:
0 Helpful
4 Replies 4

Kanan Huseynli
VIP
VIP

‎05-11-2024 02:51 PM

Hi,

could you point what is exactly you want to highlight from the doc? Basically, NAT using loopback is supported as you show in picture (which is part of interface template). You simple enable NAT with loopback and traffic will be overloaded (i.e PAT) using loopback interface IP instead of interface IP.

 

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Hamidreza
Level 1
Level 1
In response to Kanan Huseynli

‎05-12-2024 02:20 AM - edited ‎05-12-2024 02:33 AM

I'm not convinced why I should use a Loopback interface instead of a Physical interface. Can you please provide an example of a situation in which I can use a Loopback interface for Direct Internet Access (DIA)?

Kanan Huseynli
VIP
VIP
In response to Hamidreza

‎05-12-2024 03:07 AM

Hi,

this is just possibility of different options. There is no strict preference between physical and loopback usage. For example, for better security you may not want to NAT overload user traffic to interface IP but to another IP from the loopback.

One more example, you have private IP based interconnection with IPs and loopback NAT (where is public IP) is essential to translate users' IPs to public IP .

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

balaji.bandi
Hall of Fame
Hall of Fame

‎05-12-2024 12:11 AM

That is one of the option available for you to use it, it is not mandatory to use loopback, 

From Cisco IOS XE Catalyst SD-WAN Release 17.14.1a, you can configure multiple NAT types for an interface.

You should not dependent on any physical interface for NAT, so you can use loopback

check the usecase mentioned your document ""Multiple NAT DIA Methods on an Interface

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents