Hi, My Google-fu is failing me..
Scenario: FastEthernet0 (NAT inside), IP 10.20.20.1/24 Tunnel1 (NAT outside), IP 172.16.0.1/24 DMVPN environment with EIGRP Performing static source address translation from hosts in 10.20.20.0/24 to 192.168.20.x interface FastEthernet0 ip address 10.20.20.1 255.255.255.0 ip nat inside no ip redirects no ip proxy-arp ! interface Tunnel1 ip address 172.16.0.1 255.255.255.0 ip nat outside no ip redirects no ip proxy-arp ! interface Loopback0 ip address 10.63.6.100 255.255.255.255 ! router eigrp 10 redistribute static passive-interface default no passive-interface Tunnel1 network 10.63.6.0 0.0.0.255 network 172.16.0.0 0.0.0.255 no auto-summary ! ip nat inside source static 10.20.20.50 192.168.20.5 ip nat inside source static 10.20.20.51 192.168.20.6 ip nat inside source static 10.20.20.52 192.168.20.7 ip nat inside source static 10.20.20.53 192.168.20.8 [...] etc etc The router will happily translate 10.20.20.50 etc. into any arbitrary IP, as per the "ip nat inside .." command, but return traffic is unrouteable because there is no routing table entry for 192.168.20.5 in other routers in the AS. At present, I'm adding and redistributing a static host route like so: ip route 192.168.20.5 255.255.255.255 FastEthernet0 10.20.20.2 ..And as expected, 192.168.20.5/32 appears in the routing table and packets know how to come back to this router. It's a bit ugly/counter-intuitive though, don't you think? Is there a more elegant way? (perhaps specifying Null0 in the static route would be nicer) I have a mix of 12.3 and 12.4 IOS in the environment so while I'm happy to hear about any better methods, ideally I'm looking for something that will work on all versions. cheers, Dale _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
