[c-nsp] Fwd: NAT in VRF
Derick Winkworth
dwinkworth at att.net
Tue Oct 14 09:47:36 EDT 2008
NAT NVI.
That would be the first doc, qtnatvi.
There is no inside/outside that way.
On Tue, 2008-10-14 at 15:37 +0200, Jan van den Berg wrote:
> This touches a problem I am currently working on.
> I need to access services in one VPN from multiple other VPNs.
>
> I read in the ftnatvpn doc this:
> "Inside VPN to VPN with NAT is not supported."
>
> Since it is necessary that different VPNs can access the services from one
> VPN; using NAT will be probably be required.
>
> So does anyone have any pointers on how to go about this?
>
> Cheers,
>
> Jan
>
> -----Oorspronkelijk bericht-----
> Van: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] Namens Derick Winkworth
> Verzonden: vrijdag 10 oktober 2008 14:09
> Aan: cisco-nsp at puck.nether.net >> Cisco NSP
> Onderwerp: Re: [c-nsp] Fwd: NAT in VRF
>
> http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtnatvi.html
> http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftnatvpn.htm
> l
>
> Here are two different ways to do what you are asking for, I hope!
>
>
>
> Gary Roberton wrote:
> > Thanks Luan
> >
> > Can anyone else confirm this also?
> >
> > Thanks
> >
> > On Thu, Oct 9, 2008 at 2:04 PM, Luan Nguyen <luan at netcraftsmen.net> wrote:
> >
> >
> >> Yes you can. I used to do that with 2 VRF-Lites on 2 DMVPN tunnels.
> >> Platform doesn't make any different.
> >>
> >>
> >> Luan Nguyen
> >> Chesapeake NetCraftsmen, LLC.
> >> www.NetCraftsmen.net
> >>
> >>
> >> -----Original Message-----
> >> From: cisco-nsp-bounces at puck.nether.net
> >> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Gary Roberton
> >> Sent: Thursday, October 09, 2008 7:28 AM
> >> To: cisco-nsp at puck.nether.net
> >> Subject: [c-nsp] Fwd: NAT in VRF
> >>
> >> ---------- Forwarded message ----------
> >> From: Gary Roberton <gary.ciscomail at gmail.com>
> >> Date: Wed, Oct 8, 2008 at 10:13 AM
> >> Subject: NAT in VRF
> >> To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
> >>
> >>
> >> Can someone please confirm for me that you can have the same IP address
> in
> >> different VRFs natted to different destinations. In other words;
> >>
> >> 217.1.1.1 nat to 10.1.1.1 in VRF A
> >> 217.1.1.1 nat to 192.168.1.1 in VRF B
> >>
> >> I can't see any reason why not.
> >>
> >> What about if using VRF-Lite on a 3845, does that make any difference?
> >>
> >> Its a funny question but I have been asked this and have no access to the
> >> kit to prove it working and I have to have a solid answer.
> >>
> >> Thanks.
> >>
> >> Gary
> >> _______________________________________________
> >> cisco-nsp mailing list cisco-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/cisco-nsp
> >> archive at http://puck.nether.net/pipermail/cisco-nsp/
> >>
> >>
> >>
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > ------------------------------------------------------------------------
> >
> >
> > No virus found in this incoming message.
> > Checked by AVG - http://www.avg.com
> > Version: 8.0.173 / Virus Database: 270.8.0/1717 - Release Date: 10/9/2008
> 4:56 PM
> >
> >
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list