Usually, you have 3 options (actually the last 2 are variations of the same option):
1) redistribute a static route (to null) of the nat outside address space 2) redistribute a "virtual" connected interface (a loopback) having an ip from the nat outside address space 3) use the network of a physical connected interface (which is already routed) for nat outside address space -- Tassos Dale Shaw wrote on 22/11/2007 5:33 πμ: > I changed the "ip route .." commands to.. > > ip route 192.168.20.5 255.255.255.255 Null0 name NAT > > .. and it continues to work as expected. This is cleaner, but I'm > still interested in more elegant solutions. I've seen the "add-route" > parameter, but it doesn't appear to support /32s, and only seems to be > available for "ip nat outside .." > > cheers, > Dale > > > On Nov 22, 2007 2:10 PM, a. rahman isnaini r. sutan > <[EMAIL PROTECTED]> wrote: >> >> New to me... never been working by translating internal IP to 'external IP >> which is not directly connected to the router...' >> If this work pretty well, it'd be good and some ideas might come up later... >> >> rgs >> a. rahman isnaini r.sutan >> >> ----- Original Message ----- >> From: "Dale Shaw" <[EMAIL PROTECTED]> >> To: <[email protected]> >> Sent: Thursday, November 22, 2007 5:39 AM >> Subject: [c-nsp] IOS NAT,translating source into IP not included in routing >> table >> >> >>> Hi, >>> >>> My Google-fu is failing me.. >>> >>> Scenario: >>> >>> FastEthernet0 (NAT inside), IP 10.20.20.1/24 >>> Tunnel1 (NAT outside), IP 172.16.0.1/24 >>> DMVPN environment with EIGRP >>> Performing static source address translation from hosts in >>> 10.20.20.0/24 to 192.168.20.x >>> > [...] >>> The router will happily translate 10.20.20.50 etc. into any arbitrary >>> IP, as per the "ip nat inside .." command, but return traffic is >>> unrouteable because there is no routing table entry for 192.168.20.5 >>> in other routers in the AS. >>> >>> At present, I'm adding and redistributing a static host route like so: >>> >>> ip route 192.168.20.5 255.255.255.255 FastEthernet0 10.20.20.2 >>> >>> ..And as expected, 192.168.20.5/32 appears in the routing table and >>> packets know how to come back to this router. >>> >>> It's a bit ugly/counter-intuitive though, don't you think? Is there a >>> more elegant way? (perhaps specifying Null0 in the static route would >>> be nicer) >>> I have a mix of 12.3 and 12.4 IOS in the environment so while I'm >>> happy to hear about any better methods, ideally I'm looking for >>> something that will work on all versions. >>> >>> cheers, >>> Dale > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
