Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1913
Views
0
Helpful
4
Replies

Double NAT over GRE

Go to solution
james.reeves
Level 1
Level 1

‎06-08-2011 10:25 AM - edited ‎03-07-2019 12:42 AM

I am trying to setup a connection in my router that will staticly translate the sourec and destination of a packet and then send it over the GRE tunnel.

Original packet S-10.10.10.10 D-10.20.20.20

XLATE router

Desired packet

Global Packet S-172.16.10.10 D-172.16.20.20

Gig0/0

ip nat inside

ip accounting output-packets

Loopback 10

ip address 10.20.20.1/24

Tunnel4

ip nat outside

ip accounting output-packets

ip nat inside source static 10.10.10.10   10.20.20.20

ip nat outside source static 172.16.20.20 172.16.10.10

ip route 172.16.20.0/24 tunnel4

If I do a traceroute and source it from the loopback interface it works fine and I see the traffic hitting the upstream router.  When actual traffic traverses I see it hit the xlate table but I never see it on the upstream router.  I do see my ping and traceroute in ip accounting.

Any ideas?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
skarthic
Cisco Employee
Cisco Employee
In response to james.reeves

‎06-08-2011 01:20 PM

Yes. For an inside to outside translation routing decision occurs first.  Accordingly NAT occurs then. Here is the cisco page for NAT order of operation -

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

View solution in original post

0 Helpful
4 Replies 4

Go to solution
skarthic
Cisco Employee
Cisco Employee

‎06-08-2011 11:38 AM

So you are saying that the NAT translations are seen in the NAT table.

Could you paste the output of "debug ip nat detailed" and the " debug ip packet detail"

Also does the "sh ip nat translations" show the complete translation being made?

0 Helpful

Go to solution
james.reeves
Level 1
Level 1
In response to skarthic

‎06-08-2011 12:43 PM

I believe I have found the issue.  There is a static route in the configuration for the local outside address pointing out another interface.  I am assuming the router would route the traffic first and then translate still on the outbound interface.

Would you agree?

0 Helpful

Go to solution
skarthic
Cisco Employee
Cisco Employee
In response to james.reeves

‎06-08-2011 01:20 PM

Yes. For an inside to outside translation routing decision occurs first.  Accordingly NAT occurs then. Here is the cisco page for NAT order of operation -

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

0 Helpful

Go to solution
james.reeves
Level 1
Level 1
In response to skarthic

‎06-08-2011 01:26 PM

Thank you.

0 Helpful
Customers Also Viewed These Support Documents