Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1223
Views
0
Helpful
4
Replies

Route Map and NAT

dylan.keys1
Level 1
Level 1

‎12-14-2016 08:39 PM - edited ‎03-08-2019 08:34 AM

Hi,

Am having some issues getting a route map and NAT working. I have 2 LAN's and a /27 block of public IP address. I need one LAN to use just one of the public IP address and the other LAN to use one of the public IP Address out of the assigned pool.

Bellow is my config, would appreciate any help!

!
interface GigabitEthernet0/0/0
 no ip address
 negotiation auto
 !
!
interface GigabitEthernet0/0/0.60
 description XXX2 LAN
 encapsulation dot1Q 60
 ip address 10.0.60.30 255.255.255.224
 ip nat inside
 ip virtual-reassembly
!
interface GigabitEthernet0/0/0.99
 
 encapsulation dot1Q 99
 ip address 20.x.x.30 255.255.255.224
 ip nat outside
 ip virtual-reassembly
!
interface GigabitEthernet0/0/0.100
 description MANAGEMENT LAN (NO INTERNET ACCESS)
 encapsulation dot1Q 100
 ip address 10.0.100.254 255.255.255.0
!
interface GigabitEthernet0/0/0.152
 
 encapsulation dot1Q 152
 ip address 10.0.152.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat pool XXX2-LAN-POOL 20.x.x.2 20.x.x.29 netmask 255.255.255.224
ip nat pool XXX-LAN-POOL 20.x.x.30 20.x.x.30 netmask 255.255.255.224
ip nat inside source route-map XXX2-LAN-MAP pool XXX2-LAN-POOL
ip nat inside source route-map XXX-LAN-MAP pool XXX-LAN-POOL overload
!
ip access-list extended XXX2-LAN-LIST
 permit ip 10.0.60.0 0.0.0.31 any
 deny   ip any any
ip access-list extended XXX-LAN-LIST
 permit ip 10.0.152.0 0.0.0.255 any
 deny   ip any any
!
!
!
!
!
route-map XXX-LAN-MAP permit 10
 match ip address UIA-LAN-LIST
 match interface GigabitEthernet0/0/0.99
 set ip next-hop 20.x.x.1
!
route-map XXX2-LAN-MAP permit 10
 match ip address ILOBS-LAN-LIST
 set ip next-hop 20.x.x.1
Labels:
0 Helpful
4 Replies 4

Evgeniy Prichinin
Level 1
Level 1

‎12-14-2016 10:04 PM

set ip next-hop 20.x.x.1

This will not work in this route-map. You should use PBR instead of it to set ip next-hop.

0 Helpful

dylan.keys1
Level 1
Level 1
In response to Evgeniy Prichinin

‎12-15-2016 05:15 PM

So I have applied a separate route-map to the LAN interface that sets the next-hop.

This has not made a difference though.

Any Ideas?

0 Helpful

Evgeniy Prichinin
Level 1
Level 1
In response to dylan.keys1

‎12-15-2016 07:09 PM

You don't need an route-maps, just replace

ip nat inside source route-map XXX2-LAN-MAP pool XXX2-LAN-POOL
ip nat inside source route-map XXX-LAN-MAP pool XXX-LAN-POOL overload

with 

ip nat inside source list XXX2-LAN-LIST pool XXX2-LAN-POOL
ip nat inside source list XXX-LAN-LIST interface GigabitEthernet0/0/0.99 overload
0 Helpful

paul driver
VIP
VIP

‎12-15-2016 10:55 PM

Hello

Try the following:

route-map XXX-LAN-MAP permit 10
 match ip address UIA-LAN-LIST
 match interface GigabitEthernet0/0/0.99
 set ip next-hop 20.x.x.1

route-map XXX2-LAN-MAP permit 10
 match ip address ILOBS-LAN-LIST
 set ip next-hop 20.x.x.1

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0.99 20.x.x.1



res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents