[rbak-nsp] Nat does'nt work

Denis Mikhaylovskiy denis.mikhaylovskiy at ericsson.com
Fri Oct 1 08:30:52 EDT 2010


Hi,

First)
Please remove it from here

!
 interface LAN multibind
  description BRAS LAN GW
  ip address 10.11.12.1/24
  dhcp server interface
  ip arp proxy-arp
  ip nat NAT_policy  <-----
!

And apply it here

!
 subscriber default
   dhcp max-addrs 1
   nat policy-name NAT_policy   
!



Second)
Ip address in NAT pool should not overlap with others ip addresses of interfaces 

!
 ip nat pool NAT_pool napt multibind
  address 10.11.12.2 to 10.11.12.100 <--- why you are using private space for NAT ?!?
!
!
 interface LAN multibind
  description BRAS LAN GW
  ip address 10.11.12.1/24 
  dhcp server interface
  ip arp proxy-arp
!


Cheers
/denis

-----Original Message-----
From: redback-nsp-bounces at puck.nether.net [mailto:redback-nsp-bounces at puck.nether.net] On Behalf Of misha at iim.pl
Sent: Friday, October 01, 2010 3:17 PM
To: redback-nsp at puck.nether.net
Subject: [rbak-nsp] Nat does'nt work

HI.
I have problem with creating of NAT policy.

There is an overview of my configuration:
Interface LAN multibind - private network 10.11.12.0/24 , dhcp with radius
Interface WAN - public IP address

My Config:

context BRAS
!
!
 no ip domain-lookup
!
 ip nat pool NAT_pool napt multibind
  address 10.11.12.2 to 10.11.12.100
!
 nat policy NAT_policy
! Default class
  ignore
! Named classes
  access-group NAT_acl
   class CLASS3
    pool NAT_pool BRAS
!
 interface LAN multibind
  description BRAS LAN GW
  ip address 10.11.12.1/24
  dhcp server interface
  ip arp proxy-arp
  ip nat NAT_policy
!
 interface WAN
  ip address 83.142.192.100/29
 no logging console
!
 policy access-list NAT_acl
  seq 10 permit ip 10.11.12.0 0.0.0.255 class CLASS3
!
 aaa authentication administrator local
 aaa authentication administrator maximum sessions 1
 aaa authentication subscriber radius global
!
!
 subscriber default
   dhcp max-addrs 1
!
 ip route 0.0.0.0/0 83.142.192.102
 no service ssh server
!
 dhcp server policy
   nak-on-subnet-deletion
   option subnet-mask 255.255.255.0
   option domain-name-server 91.189.24.2 83.142.192.2
   option domain-name mi.pl
   offer-lease-time 300
   default-lease-time 900
   maximum-lease-time 900
   subnet 10.11.12.0/24
     option subnet-mask 255.255.255.0
     option router 10.11.12.1
!
!
!
! ** End Context **

port ethernet 2/1
 no shutdown
 medium-type copper
 encapsulation dot1q
 dot1q pvc 2000 encapsulation multi
  bind interface WAN BRAS
!
port ethernet 2/2
 no shutdown
 medium-type copper
 encapsulation dot1q
 dot1q pvc 15 encapsulation multi
  service clips dhcp context BRAS



nat doesn't work and
I don't know what to do.

MK


_______________________________________________
redback-nsp mailing list
redback-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/redback-nsp



More information about the redback-nsp mailing list