[rbak-nsp] Nat does'nt work

Michal Korzeniowski misha at iim.pl
Sun Oct 3 17:10:28 EDT 2010 

Hi Denis

Thanks for Your suggestions. I (probably) applied them.  Unfortunetly my
config,  below:


context BRAS
!
!
 no ip domain-lookup
!
 ip nat pool NAT_pool napt multibind
  address 83.142.192.100/32
!
 nat policy NAT_policy
! Default class
  pool NAT_pool BRAS
!
 interface LAN multibind
  description BRAS LAN GW
  ip address 10.11.12.1/24
  dhcp server interface
  ip arp proxy-arp
!
 interface WAN
  ip address 83.142.192.100/29
 no logging console
!
 policy access-list NAT_acl
  seq 10 permit ip 10.11.12.0 0.0.0.255 class CLASS3
  seq 11 permit ip host 83.142.192.100 class CLASS3
!
 aaa authentication administrator local
 aaa authentication administrator maximum sessions 1
 aaa authentication subscriber radius global
!
!
 subscriber default
   nat policy-name NAT_policy
   dhcp max-addrs 1
!
 ip route 0.0.0.0/0 83.142.192.102
 no service ssh server
!
 dhcp server policy
   nak-on-subnet-deletion
   option subnet-mask 255.255.255.0
   option domain-name-server 91.189.24.2 83.142.192.2
   option domain-name mi.pl
   offer-lease-time 300
   default-lease-time 900
   maximum-lease-time 900
   subnet 10.11.12.0/24
     option subnet-mask 255.255.255.0
     option router 10.11.12.1
!
!
!
end


still doesn't work :(

Michal




> Hi Michal,
>
> Your interface has /24 and addresses in pool overlap this.
>
> Regarding your config in general.
> In NAT pool we usually put real IP addresses, it allows your private
> networks to be NATed through real IPs.
>
>
>
> HIH
> /denis
>
> -----Original Message-----
> From: Michal Korzeniowski [mailto:misha at iim.pl]
> Sent: Friday, October 01, 2010 5:49 PM
> To: Denis Mikhaylovskiy
> Cc: misha at iim.pl; redback-nsp at puck.nether.net
> Subject: RE: [rbak-nsp] Nat does'nt work
>
>
>> Second)
>> Ip address in NAT pool should not overlap with others ip addresses of
>> interfaces
>
> maybe I think wrong but they are no overlaps:
> - ip addr of interface is   10.11.12.1
> - ip addr of pool are       10.11.12.2 to 100
>
>
>>  ip nat pool NAT_pool napt multibind
>>   address 10.11.12.2 to 10.11.12.100 <--- why you are using private
>> space
>> for NAT ?!?
>
> Which space should I use?
> My Idea is to distribute the internet "from" one public IP 83.142.192.100
> to subscribers ( giving them private space 10.11.12.0/24 like simply
> router from super markt)
>
>
>
>
>

More information about the redback-nsp mailing list