10-10-2009 04:52 AM - edited 03-06-2019 08:04 AM
Hi,
here is a part of our router configuration
interface fastethernet0
description WAN Interface
ip address 71.5.x.x 255.255.255.252
exit
interface fastethernet1
description LAN Interface
ip address 124.247.x.x 255.255.255.128
ip address 172.16.x.x 255.255.0.0 secondary
exit
interface bri0/0
encapsulation ppp
no ip route-cache
no ndsp enable
no mpls route-cache
exit
interface tunnelx
tunnel mode gre ip
tunnel source 71.5.x.x
tunnel destination 71.5.x.x
ip address 10.240.x.x 255.255.255.252
mtu 1524
ip tcp adjust-mss 1420
exit
ip route 0.0.0.0 0.0.0.0 tunnelx
ip route 71.0.0.0 255.0.0.0 71.5.x.x
Now i have two questing
1. Why do we have two routes.
2. I want to configure PAT.
While configuring PAT if i make int f0(WAN) as NAT outside interface nothing works and if i make tunnelxx as NAT outside interface translation does takes place(sh ip nat trans) but internet does not work. here is what i do to configure NAT.
ON FE1
ip nat inside
ON FE0 OR TUNNXX
ip nat ouside
ACL
access-list 1 permit 172.16.x.x 255.255.0.0
NAT
ip nat inside source list 1 interface f0 or tunnxx overload
where am i going wrong..?
thanks in advance
regards
10-11-2009 05:39 PM
You seem to have the nats on the ints correct, but you may need to deny traffic in the acl so you do not nat everything. WHat are you attempting? Is this a split tunnel or do you want all traffic to use the tunnel?
10-11-2009 09:30 PM
Thanks for the reply...well i didn't get your point when you say " so you don't nat everything."
I just want to configure NAT so that users can access internet..and i don't know if it is a split tunnel
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide