[rbak-nsp] Problems with NAT

Golem golem at mtm-info.pl
Thu May 16 16:38:10 EDT 2013 

Still doesn't work.
Any ideas ?




Thursday, May 16, 2013, 9:52:43 PM, you wrote:

> Golem,

> You need to apply the NAT policy to the subscribers:

>  subscriber default
>    nat policy-name NAT_policy
>    dhcp max-addrs 1

> Tomás


> On Thu, May 16, 2013 at 11:44 AM, Golem <golem at mtm-info.pl> wrote:
>> Hello Redback-nsp,
>>
>> My first steps with Redback. I'm trying to run simple NAT + Clips.
>> Clips   seems   working  fine  with  radius server, dhcp offers IP but
>> there is still no access to network (client receive proper dhcp pack), only 192.168.30.1 is reachable.
>> There is my config:
>>
>> context routerek
>>  domain router30.pl
>> !
>>  no ip domain-lookup
>> !
>>  ip nat pool NAT_pool napt multibind
>>   address 178.214.27.1/32
>> !
>>  nat policy NAT_policy
>> ! Default class
>>   pool NAT_pool routerek
>>   timeout tcp 18000
>>   endpoint-independent filtering udp
>>   icmp-notification
>> !
>>  interface ge1 multibind
>>   ip address 192.168.30.1/24
>>   dhcp server interface
>> !
>>  interface wan
>>   ip address 178.214.0.23/27
>>  no logging console
>> !
>>  aaa authentication administrator local
>>  aaa authentication administrator maximum sessions 1
>>  aaa authentication subscriber radius
>> !
>>  radius server 178.214.0.27 encrypted-key *****
>> !
>>  ip route 0.0.0.0/0 178.214.0.1
>> !
>>  dhcp server policy
>>    nak-on-subnet-deletion
>>    option subnet-mask 255.255.255.0
>>    option domain-name-server 178.214.0.16 178.214.0.14
>>    option domain-name router30.pl
>>    offer-lease-time 300
>>    default-lease-time 43200
>>    maximum-lease-time 43200
>>    subnet 192.168.30.0/24
>>      option subnet-mask 255.255.255.0
>>      option router 192.168.30.1
>> !
>> !
>> !
>> ! ** End Context **
>>
>> Ports:
>>
>>
>> card ge2-10-port 2
>> !
>> port ethernet 2/1
>>  no shutdown
>>  bind interface ge1 routerek
>>  service clips dhcp maximum 10 context routerek
>> !
>> port ethernet 2/10
>>  no shutdown
>>  bind interface wan routerek
>> !
>> !
>>
>>
>>
>>
>> It  looks  like  packets  are  not  forwarded for 178.214.27.1 however
>> 178.214.27.1/27 is routed to 178.214.0.23 from outside.
>>
>> Thanks!
>>
>> --
>> Best regards,
>>  Ozga Rafal                          mailto:golem at mtm-info.pl
>>
>>
>> _______________________________________________
>> redback-nsp mailing list
>> redback-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/redback-nsp



-- 
Best regards,
Ozga Rafal                          mailto:golem at mtm-info.pl

More information about the redback-nsp mailing list