That may be my issue. I have lab time scheduled at 4PM. I will try it then. That is quite confusing. I wish Cisco would give a clear example of when the id's should be the same and when they should be different.
On Sat, Aug 1, 2009 at 1:27 PM, Tyson Scott <[email protected]> wrote: > Paul, > > > > If you change it does it take away the error message you were seeing? > > > > My understanding was the ID’s need to be unique if they are both going to > be passing traffic. So if both routers are actively forming NAT entries in > the table they need the unique entries to correlate the correct entries to > each host. > > > > Now if both are running in a redundant state and only the active HSRP > device is performing NAT translations then they should share an identical ID > as only the active device should be creating NAT entries. > > > > This is the conclusion I have drawn based off the documentation. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S and Security > > Technical Instructor - IPexpert, Inc. > > > Telephone: +1.810.326.1444 > Cell: +1.248.504.7309 > Fax: +1.810.454.0130 > Mailto: [email protected] > > > > Join our free online support and peer group communities: > http://www.IPexpert.com/communities > > > > IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On > Demand and Audio Certification Training Tools for the Cisco CCIE R&S Lab, > CCIE Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE > Storage Lab Certifications. > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Paul Stewart > *Sent:* Saturday, August 01, 2009 12:38 PM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] 2a SNAT > > > > According to the proctor guide, both routers use a stateful-id of 1. The > Addressing configuration guide is gray on whether this should be unique or > not and even shows HSRP peers as having the identical config. If you look > at the Cisco article below, it clearly states that they should be unique. > > > http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_white_paper09186a0080118b04.shtml > > *"Note: *Note the ID is different for the each router. Each SNAT router > should have a unique ID number. " > > It also goes on to say "NAT entries have been extended to include > information about which of the SNAT routers created them, and which router > is responsible for the state and timing of that particular entry. The > combination of the entry id-number and the SNAT router id-number make each > entry unique within the group." > > The following document states that the "stateful id" is a "Unique number > given to each router in the stateful translation group." > > I guess I am trying to understand the router's way of thinking. How can > this work both ways? >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
