Options
NAT overload and STATIC NETWORK NAT on the same router...
davidspirovalentine
Member Posts: 353 ■■■■□□□□□□
in CCIE
Hi Team,
This has been driving me nuts for the last couple of hours...
I basically need to do PAT (NAT overload) to my public IP address however in addition to this I am also running a Site-to-Site VPN (on the same link to a remote site).
The issue is that when I do the "ip nat inside source static network" command and specify the subnets and mask I break the internet connection for the users on the LAN.
I need to do the static network NAT because the remote site uses the same address range somewhere in there network.
Please let me know your thoughts any and all help would be great!
I have tried a few things (static 1-to-1 nat with route-maps, PBR on the LAN interface to push internet traffic to a loopback, etc...) with no luck
I even tried this https://supportforums.cisco.com/thread/2172082 but still no joy
Whenever the static network command is in the "debug ip nat" ALWAYS nat's traffic to the "fake" subnet. I understand this is designed this way but I need a work around to get both the VPN traffic and the Internet traffic working off the same router.
I have googled extensively but can't find a working configuration out there on the world wide web, so I though I would check in with the A-Team
Thanks in advance.
Kind Regards,
David
This has been driving me nuts for the last couple of hours...
I basically need to do PAT (NAT overload) to my public IP address however in addition to this I am also running a Site-to-Site VPN (on the same link to a remote site).
The issue is that when I do the "ip nat inside source static network" command and specify the subnets and mask I break the internet connection for the users on the LAN.
I need to do the static network NAT because the remote site uses the same address range somewhere in there network.
Please let me know your thoughts any and all help would be great!
I have tried a few things (static 1-to-1 nat with route-maps, PBR on the LAN interface to push internet traffic to a loopback, etc...) with no luck
I even tried this https://supportforums.cisco.com/thread/2172082 but still no joy
Whenever the static network command is in the "debug ip nat" ALWAYS nat's traffic to the "fake" subnet. I understand this is designed this way but I need a work around to get both the VPN traffic and the Internet traffic working off the same router.
I have googled extensively but can't find a working configuration out there on the world wide web, so I though I would check in with the A-Team
Thanks in advance.
Kind Regards,
David
Failure is a stepping stone to success...
