[rbak-nsp] Problems with NAT
Golem
golem at mtm-info.pl
Thu May 16 16:53:28 EDT 2013
[routerek]Redback#show subscribers active
d8:5d:4c:80:2f:a6
Session state Up
Circuit 2/1 clips 262145
Internal Circuit 2/1:511:63:31/7/2/1
Interface bound ge1
Current port-limit unlimited
Protocol Stack IPV4
dhcp max-addrs 1 (applied)
ip address 192.168.30.19 255.255.255.0 (applied)
dhcp vendor class id MSFT 5.0 (applied)
dhcp option client id 0x3d0701d85d4c802fa6 (applied)
dhcp option hostname 0x0c05676f6c656d (applied)
IP host entries installed by DHCP: (max_addr 1 cur_entries 1)
192.168.30.19 d8:5d:4c:80:2f:a6
Maybe i should add source nat address somewhere ?
I have tried
interface ge1 multibind
ip address 192.168.30.1/24
ip address 178.214.27.1/27 secondary <- added this one here and
it's reachable from outside.
dhcp server interface
Nothing changed, still nat doesnt work.
Thursday, May 16, 2013, 10:42:07 PM, you wrote:
> Ideas: Try doing so without NAT, just one DHCP customer
> Can you please share an output from show subscribers active?
> On Thu, May 16, 2013 at 5:38 PM, Golem <golem at mtm-info.pl> wrote:
>> Still doesn't work.
>> Any ideas ?
>>
>>
>>
>>
>> Thursday, May 16, 2013, 9:52:43 PM, you wrote:
>>
>>> Golem,
>>
>>> You need to apply the NAT policy to the subscribers:
>>
>>> subscriber default
>>> nat policy-name NAT_policy
>>> dhcp max-addrs 1
>>
>>> Tomás
>>
>>
>>> On Thu, May 16, 2013 at 11:44 AM, Golem <golem at mtm-info.pl> wrote:
>>>> Hello Redback-nsp,
>>>>
>>>> My first steps with Redback. I'm trying to run simple NAT + Clips.
>>>> Clips seems working fine with radius server, dhcp offers IP but
>>>> there is still no access to network (client receive proper dhcp pack), only 192.168.30.1 is reachable.
>>>> There is my config:
>>>>
>>>> context routerek
>>>> domain router30.pl
>>>> !
>>>> no ip domain-lookup
>>>> !
>>>> ip nat pool NAT_pool napt multibind
>>>> address 178.214.27.1/32
>>>> !
>>>> nat policy NAT_policy
>>>> ! Default class
>>>> pool NAT_pool routerek
>>>> timeout tcp 18000
>>>> endpoint-independent filtering udp
>>>> icmp-notification
>>>> !
>>>> interface ge1 multibind
>>>> ip address 192.168.30.1/24
>>>> dhcp server interface
>>>> !
>>>> interface wan
>>>> ip address 178.214.0.23/27
>>>> no logging console
>>>> !
>>>> aaa authentication administrator local
>>>> aaa authentication administrator maximum sessions 1
>>>> aaa authentication subscriber radius
>>>> !
>>>> radius server 178.214.0.27 encrypted-key *****
>>>> !
>>>> ip route 0.0.0.0/0 178.214.0.1
>>>> !
>>>> dhcp server policy
>>>> nak-on-subnet-deletion
>>>> option subnet-mask 255.255.255.0
>>>> option domain-name-server 178.214.0.16 178.214.0.14
>>>> option domain-name router30.pl
>>>> offer-lease-time 300
>>>> default-lease-time 43200
>>>> maximum-lease-time 43200
>>>> subnet 192.168.30.0/24
>>>> option subnet-mask 255.255.255.0
>>>> option router 192.168.30.1
>>>> !
>>>> !
>>>> !
>>>> ! ** End Context **
>>>>
>>>> Ports:
>>>>
>>>>
>>>> card ge2-10-port 2
>>>> !
>>>> port ethernet 2/1
>>>> no shutdown
>>>> bind interface ge1 routerek
>>>> service clips dhcp maximum 10 context routerek
>>>> !
>>>> port ethernet 2/10
>>>> no shutdown
>>>> bind interface wan routerek
>>>> !
>>>> !
>>>>
>>>>
>>>>
>>>>
>>>> It looks like packets are not forwarded for 178.214.27.1 however
>>>> 178.214.27.1/27 is routed to 178.214.0.23 from outside.
>>>>
>>>> Thanks!
>>>>
>>>> --
>>>> Best regards,
>>>> Ozga Rafal mailto:golem at mtm-info.pl
>>>>
>>>>
>>>> _______________________________________________
>>>> redback-nsp mailing list
>>>> redback-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/redback-nsp
>>
>>
>>
>> --
>> Best regards,
>> Ozga Rafal mailto:golem at mtm-info.pl
>>
>>
>> _______________________________________________
>> redback-nsp mailing list
>> redback-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/redback-nsp
--
Best regards,
Ozga Rafal mailto:golem at mtm-info.pl
More information about the redback-nsp
mailing list