The MPLS-OPS Archive

[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index][Thread Index][Author Index][Subject Index]

RE: REG: MPLS VPN & NAT.

From: "Vinod Anthony Joseph Cherunni" <vac@antarix.biz>
Date: Sat, 19 Jan 2002 15:24:27 +0530
Cc: Karl Garcia <Karl.Garcia@cosinecom.com>, mpls-ops@mplsrc.com, "'raszuk@cisco.com'" <raszuk@cisco.com>
Resent-Date: Sat, 19 Jan 2002 06:02:33 -0500
To: Marcelo Blanes <mblanes@larc.usp.br>
X-MIMETrack: Serialize by Router on MEGREZ/DSQworld(Release 5.0.8 |June 18, 2001) at 01/19/200203:24:35 PM,Serialize complete at 01/19/2002 03:24:35 PM

Hi,

I need NAT on the interface connecting to the Intranet site (on the CPE) because the design requires NAT to happen for certain Private destination prefixes also, & that's the reason the interface has "ip nat outside". As per the Cisco docs i tried applying the config below, & find that even after defining a route-map to policy route prefixes to a dummy non /32 loopback block, still NAT happens for all destinations.

interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Ethernet0/0
ip address 172.16.1.2 255.255.255.0
ip nat inside
ip route-cache policy
ip policy route-map nonat
!
interface Serial 0/1
# Interface to the Internet #
ip address 200.1.1.1 255.255.255.252
ip nat outside

interface Serial 0/2
# Interface to the MPLS Private VPN #
ip address 192.168.20.1 255.255.255.252
ip nat outside

ip nat inside source static 172.16.1.1 202.54.9.1

access-list 123 permit ip host 172.16.1.1 172.26.1.0 0.0.0.255
!--- Except the private network from the NAT process:
route-map nonat permit 10
match ip address 123
set ip next-hop 1.1.1.2
!
end

Kindly advise,

With warm regards,

Vinod.

Follow-Ups:
- RE: REG: MPLS VPN & NAT.
  - From: Marcelo Blanes <mblanes@larc.usp.br>