NAT with loopback interface

ilircisco

Hi

I want to use NAT with a loopback interface because we have two gateways to the internet, and the router at which I want to implement NAT is one of them. I have tried but with no success. There are three interfaces in the router.

I have used and route-maps but they do not function.


royalblues

Hi Friend

Are the two gateways going to the same provider?

Which gateway's IP address did you configure for the loopback?

Normally one ISP would reject the IP block of other ISPs.

Can you share your relevant configs?

Narayan

Thank you for your response.

It is the same provider. This is the reason I have to implement NAT at the loopback interface.

interface giga0/2.1
 ip address 192.168.140.1
 ip nat inside

interface loopback 1
 ip address real-ip
 ip nat outside

access-list 40 permit 192.168.140.0 0.0.0.255
ip nat inside source-list 40 interface loopback 1 overload

or:

ip nat inside source-list 40 pool poolnat overload
ip nat pool poolnat real-ip netmask...

With this config there are no ip nat translations.

Ilir

You really don't have to assign the NAT address to an interface. Your second example should work fine, but see below.

NAT is done when traffic passes from inside/outside or outside/inside. What addresses are translated is based on your configuration and is not really related to what the real addresses on the interfaces are.

Make sure both your ISP interfaces are set up as outside interfaces and it should work.

Now, your provider must have routed this real address to you on both connections for this to work.

The reason you may want to put the address on a loopback, or better yet route it to null0, is that traffic coming from the outside destined for that address may not be in the NAT table at a certain time. When that occurs, the address is not translated and the router will send it back to the ISP because of the default route. The ISP of course will just send it back, since it has a route in its routing table. You now have a loop until it hits the time-to-live limit. This is a routing problem caused by NAT but is not really a NAT issue. NAT will appear to work fine; you will just see this garbage traffic.
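The loop described in the reply above can be modelled in a few lines. This is an added example, not part of the original post: a toy two-node forwarding model in which `203.0.113.10` stands in for the thread's `real-ip`, and the inside host, ports, and node names are constructed for illustration.

```python
import ipaddress

def lookup(routes, dst):
    """Longest-prefix match over (prefix, next_hop) pairs."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in routes
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def deliver(dst, port, nat_table, router_routes, isp_routes, ttl=64):
    """Follow one inbound packet from the ISP; return (outcome, link_crossings)."""
    node, crossings = "isp", 0
    while ttl > 0:
        if node == "isp":
            nxt = lookup(isp_routes, dst)
        else:
            # Outside-to-inside: the NAT table is consulted before routing.
            if (dst, port) in nat_table:
                return ("translated to " + nat_table[(dst, port)], crossings)
            nxt = lookup(router_routes, dst)
        if nxt == "null0":
            return ("dropped at null0", crossings)
        node, ttl, crossings = nxt, ttl - 1, crossings + 1
    return ("ttl expired", crossings)

# Constructed sample data (assumptions, not values from the thread).
NAT_IP = "203.0.113.10"                              # stand-in for real-ip
NAT_TABLE = {(NAT_IP, 40001): "192.168.140.25"}      # one active translation
ISP_ROUTES = [(NAT_IP + "/32", "router")]            # ISP routes the NAT address to us
ROUTER_DEFAULT_ONLY = [("0.0.0.0/0", "isp")]         # only a default route
ROUTER_WITH_NULL0 = ROUTER_DEFAULT_ONLY + [(NAT_IP + "/32", "null0")]

if __name__ == "__main__":
    for name, routes in (("default only", ROUTER_DEFAULT_ONLY),
                         ("with null0 route", ROUTER_WITH_NULL0)):
        for port in (40001, 55555):  # 55555 has no NAT entry
            print(name, port, deliver(NAT_IP, port, NAT_TABLE, routes, ISP_ROUTES))
```

With only the default route, the untranslated packet crosses the ISP link on every hop until its TTL runs out; with the more specific null0 route it is discarded on arrival, while packets that match a NAT entry are still translated.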

What is the IP configured on the interface connecting to the service provider?

Here is a sample config which should work:

ip nat pool link1 x.x.x.x x.x.x.x netmask 255.255.255.x
ip nat pool link2 y.y.y.y y.y.y.y netmask 255.255.255.x

ip nat inside source route-map link1 pool link1 overload
ip nat inside source route-map link2 pool link2 overload

access-list 1 permit
access-list 2 permit

route-map link1 permit 10
 match ip address 1
 match interface

route-map link2 permit 10
 match ip address 2
 match interface

ip route 0.0.0.0 0.0.0.0
ip route 0.0.0.0 0.0.0.0 10 <---higher administrative distance (backup link)

HTH, rate if it does

Narayan

santox

Hi, I have a similar problem.

I have a 1001 that has 2 WAN interfaces to an ASR 1006 that manages eBGP and public IPs.

Routers is generated by iBGP 1006 vs 1001.

I would like to use the loopback IP of my 1001 to pref source, but I try to manage it with RMAP and I can't find the right command.

I need this to use only one IP to work with the 1001 and for the connection with RADIUS too.

thank you and good work
