cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
icbfan7
New Contributor

1335 NAT Private/Public Question

I have an Adtran 1335 configured with a VLAN for WAN connectivity and multiple private VLANs.  Applying the wizard, it asks which interfaces want access out to the internet and I selected all that applied......and it worked just fine.  However, I wanted another VLAN to show a different outbound Public IP (I have 5 static Public IPs).  I made a new Security Zone and Assigned my VLAN to it.  I mimicked the same Policies in this new Zone that are in the Private Zone, however, instead of using the NAT with Source Overloading out my WAN VLAN, I defined a specific Public Static IP.  When I visit ipchicken.com, it shows the desired IP Address.  This is good and what I want.

The problem is that when I connect from VLAN 14 (Internal and in New Zone) to a device in VLAN 6 (Internal and in Private Zone), the system status of the device shows a connection from the desired Public IP.  This connection is internal, why wouldn't it show the internal IP Address of the device in VLAN 14? 

I have this same issue on other routers (3430, 3140, 3120), and am wondering what is configured incorrectly.

Labels (1)
0 Kudos
2 Replies
jayh
Honored Contributor
Honored Contributor

Re: 1335 NAT Private/Public Question

In your policy-class configuration for your internal VLANs add permit statements to each other. Substitute your policy-classes for FOO and BAR as needed.

ip access-list standard allow-all

  permit any

ip policy-class FOO

nat source [existing config]

allow list allow-all policy BAR

ip policy-class BAR

nat source [existing config]

allow list allow-all policy FOO

icbfan7
New Contributor

Re: 1335 NAT Private/Public Question

That worked.  Thanks.