[c-nsp] C876 - Forced to use NAT Virtual Interface

Gaurav Sabharwal gaurav at inwire.net
Wed Feb 28 04:29:10 EST 2007 

Have a Cisco 876 router running 12.4(6)T6 IOS release and have noticed 
that classic NAT translation does not works. Below is the relevant 
configuration.

!
interface Virtual-PPP1
  ip address negotiated
  ip nat outside
  ip virtual-reassembly
  fair-queue
  no cdp enable
  ppp authentication chap callin
  ppp chap hostname testuser
  ppp chap password 0 testpass
  ppp direction callout
  pseudowire 172.17.101.1 10 pw-class pwclass1
!
interface Vlan1
  ip address 192.168.10.1 255.255.255.128
  ip nat inside
  ip virtual-reassembly
!
ip nat source static 192.168.10.1 10.10.0.17
ip nat source static 192.168.10.2 10.10.0.18
ip nat source static 192.168.10.3 10.10.0.19
ip nat source static 192.168.10.4 10.10.0.20
!

show classic NAT statistics

rtr# sh ip nat stat
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
   Dialer1, Virtual-Access1

Inside interfaces:
   Vlan1
Hits: 0  Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:

Queued Packets: 0

rtr# show ip nat stat
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
   Dialer1, Virtual-Access1
Inside interfaces:
   Vlan1

Hits: 0  Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:
Queued Packets: 0

show stats for NVI

rtr# sh ip nat nvi stat
Total active translations: 4 (4 static, 0 dynamic; 0 extended)
NAT Enabled interfaces:

Hits: 0  Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:


rtr# show ip nat nvi trans
Pro Source global      Source local       Destin  local      Destin  global
--- 10.10.0.17         192.168.10.1       ---                ---
--- 10.10.0.18         192.168.10.2       ---                ---
--- 10.10.0.19         192.168.10.3       ---                ---
--- 10.10.0.20         192.168.10.4       ---                ---

Reading the documents, my understanding is that the NVI interface will 
be triggered when "ip nat enable" command is used on the interfaces. 
Anybody seen this issue or point the obvious thing that I am missing in 
the configuration?

Thanks,
- Gaurav

More information about the cisco-nsp mailing list