[c-nsp] VRF Static NAT
Peter Rathlev
peter at rathlev.dk
Mon Mar 4 11:03:43 EST 2013
On Fri, 2013-03-01 at 19:53 +0000, Alexander Fossa | Xifos wrote:
> interface Vlan301
> ip address 10.10.4.1 255.255.255.252
> ip nat outside
> interface Vlan601
> ip address 11.22.240.1 255.255.255.0
> no ip redirects
> ip nat inside
>
> ip nat inside source static 11.22.240.60 10.10.4.100
I'm guessing that devices on both Vlan301 and Vlan601 have this router
as their default gateway or at least that devices on Vlan301 are sending
traffic toward 10.10.4.100 to this router and devices on Vlan601 are
sending traffic toward 10.10.4.2 (or whatever you test from) to the same
router.
To make this work across interfaces in different VRFs you need some
static routing. Try adding this:
ip route 10.10.4.2 255.255.255.255 Vlan301 10.10.4.2
ip route vrf BTW 11.22.240.60 255.255.255.255 Vlan601 11.22.240.60
This would preclude your using 11.22.240.60 in vrf BTW. There might be
some other way of doing this that keeps addresses seperate, but I'm too
unfamiliar with this to know.
--
Peter
More information about the cisco-nsp
mailing list