in

IEOC - Internetwork Expert's Online Community

Welcome to Internetwork Expert's Online Community - IEOC - a place for CCIE and CCENT candidates to connect, share, and learn. Our Online Community features CCIE forums and discussions for all tracks including Routing & Switching, Voice, Security, Service Provider, and Storage. Through these online communities you can discuss your questions with thousands of your peers, hundreds of CCIE's and Internetwork Expert's own team of world renowned CCIE instructors and authors, Brian Dennis - Quintuple CCIE #2210, Scott Morris - Quad CCIE #4713, Brian McGahan – Triple CCIE #8593, Petr Lapukhov - Quad CCIE #16379, Anthony Sequeira - CCIE #15626, Keith Barker - Dual CCIE #6783, and Marvin Greenlee - Triple CCIE #12237.
Forums » Internetwork Expert Products » CCIE Service Provider Lab Workbook Volume II Version 1.0 » IEWB-SP Volume 2 Version 1.0 Lab 1 » TASK 5.5 - VRF AWARE NAT
Latest post 12-22-2009 11:30 AM by lithase. 1 replies.
Page 1 of 1 (2 items)
Sort Posts: Previous Next

  • 12-17-2009 2:39 PM

    TASK 5.5 - VRF AWARE NAT

    Reply Contact

    Hello all,

    I have a question about this task.Once competing this task , i can ping the loopback interface of R8 but I still coudnt ping the 191.1.58.x segment between R5 and R8.Obviously because the devices in VPN_A do not have a router to this segment.

    I added the e0/0 of R5 under Vrf VPN_A and then i was able to ping this segment as well.My question is would adding this interface to vrf VPN_A is a right solution for this task ??

     

    Please let me know

    Thanks

     
    • Post Points: 20

  • 12-22-2009 11:30 AM In reply to

    Re: TASK 5.5 - VRF AWARE NAT

    Reply Contact

    I don't think you are allow to add interface e0/0 in vrf VPN_A regarding Task 5.5 & 5.6
    In this csse you need to :
    Task 5.5- Implement on R5 a vrf VPN_A static route of  R8's lo0 pointed to interface e0/0 in the global routing table by using the key GLOBAL and redistribute this vrf VPN_A  static route in bgp. All vrf VPN_A routing table will know how to reach lo0 of R8

    ip route vrf VPN_A [lo0 r8 address][lo0 R8 mask] e0/0 global

    Task 5.6 - Implement the vrf aware nat on R5 using a route-map to match your inside source ip. The goal here is to translate all traffic coming from VPN_A on R7 into interface  ip of e0/0  in global routing table. R8 will now reach all VPN_A via e0/0
    !
    ip access-list extended FROM_R7
     permit ip host 150.1.7.7 any
    !
    route-map FROM_R7 permit 5
     match ip address FROM_R7
    !
    ip nat inside source route-map FROM_R7 interface e0/0 vrf VPN_A overload
    !
    interface Serial1/0.1 point-to-point
     ip nat inside
    !
    int e0/0
    ip nat outside
    !

    Thanks
    Arnaud

     

     

     

     
    • Post Points: 5
Page 1 of 1 (2 items)
IEOC CCIE Forums Internetwork Expert CCIE Training
About IEOC | Terms of Use | RSS | Privacy Policy
© 2010 Internetwork Expert, Inc. All Rights Reserved