First a little presentation of the setup:
I have a router with:
- FastEthernet1/0 connected to a LAN using the 192.168.0.0/24 subnet
- FastEthernet1/1 connected to the rest of the network
I want the local LAN to appear as 10.1.0.0/24 to the rest of the network.
Because of other things in the full config, I can't use inside/outside NAT and I have to use NVI. (I did test that the issue appears even without the rest of the config and just the NAT stuff presented here.)
interface FastEthernet1/0
 ip address 192.168.0.1 255.255.255.0
 ip nat enable
interface FastEthernet1/1
 ip address 10.2.0.1 255.255.255.0
 ip nat enable
interface Loopback0
 ip address 10.1.0.1 255.255.255.0
 ip nat enable
ip nat source static network 192.168.0.0 10.1.0.0 /24
The Loopback0 interface is there for two things:
- I need to distribute the 10.1.0.1 route via OSPF in the full config
- Since incoming packets from FastEthernet1/1 go through routing before NVI NAT, I need a target to get them to an interface with ip nat enable for the reverse path to work at all.
So now to the problem:
From a freshly reloaded router, when someone from the global network (FastEthernet1/1) tries to contact something on the LAN, it doesn't work.
But as soon as the machine on the LAN has tried to contact someone on the global network, the reverse connection will work fine as well (until the next reload).
If I disable CEF (no ip cef), then everything works fine.
Any reason for this?
Cheers,
Sylvain