[rbak-nsp] Problems with NAT

Tomas Lynch tomas.lynch at gmail.com
Thu May 16 15:52:43 EDT 2013 

Golem,

You need to apply the NAT policy to the subscribers:

 subscriber default
   nat policy-name NAT_policy
   dhcp max-addrs 1

Tomás


On Thu, May 16, 2013 at 11:44 AM, Golem <golem at mtm-info.pl> wrote:
> Hello Redback-nsp,
>
> My first steps with Redback. I'm trying to run simple NAT + Clips.
> Clips   seems   working  fine  with  radius server, dhcp offers IP but
> there is still no access to network (client receive proper dhcp pack), only 192.168.30.1 is reachable.
> There is my config:
>
> context routerek
>  domain router30.pl
> !
>  no ip domain-lookup
> !
>  ip nat pool NAT_pool napt multibind
>   address 178.214.27.1/32
> !
>  nat policy NAT_policy
> ! Default class
>   pool NAT_pool routerek
>   timeout tcp 18000
>   endpoint-independent filtering udp
>   icmp-notification
> !
>  interface ge1 multibind
>   ip address 192.168.30.1/24
>   dhcp server interface
> !
>  interface wan
>   ip address 178.214.0.23/27
>  no logging console
> !
>  aaa authentication administrator local
>  aaa authentication administrator maximum sessions 1
>  aaa authentication subscriber radius
> !
>  radius server 178.214.0.27 encrypted-key *****
> !
>  ip route 0.0.0.0/0 178.214.0.1
> !
>  dhcp server policy
>    nak-on-subnet-deletion
>    option subnet-mask 255.255.255.0
>    option domain-name-server 178.214.0.16 178.214.0.14
>    option domain-name router30.pl
>    offer-lease-time 300
>    default-lease-time 43200
>    maximum-lease-time 43200
>    subnet 192.168.30.0/24
>      option subnet-mask 255.255.255.0
>      option router 192.168.30.1
> !
> !
> !
> ! ** End Context **
>
> Ports:
>
>
> card ge2-10-port 2
> !
> port ethernet 2/1
>  no shutdown
>  bind interface ge1 routerek
>  service clips dhcp maximum 10 context routerek
> !
> port ethernet 2/10
>  no shutdown
>  bind interface wan routerek
> !
> !
>
>
>
>
> It  looks  like  packets  are  not  forwarded for 178.214.27.1 however
> 178.214.27.1/27 is routed to 178.214.0.23 from outside.
>
> Thanks!
>
> --
> Best regards,
>  Ozga Rafal                          mailto:golem at mtm-info.pl
>
>
> _______________________________________________
> redback-nsp mailing list
> redback-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/redback-nsp

More information about the redback-nsp mailing list