Hello, I just had a quick question. What is the Adtran NAT order of Operations? Does the 1335 Route/PBR before NAT or after ?
The reason i am asking is i was trying to configure NAT on a VLAN and i was unable to get it to work until a applied a route-map to the VLAN and set the next hop to the cable modem. So is the route-map pointing to the cable modem and Nat'ing on the modem and not using the access-policy?
VLAN i was attempting to NAT
interface vlan 192
snmp trap link-status
ip address 192.168.112.1 255.255.255.0
no ip proxy-arp
ip ffe
ip policy route-map inet-only
ip access-policy inet-only
ip flow ingress
ip flow egress
ip route-cache express
no shutdown
Access-policies and lists and route map
route-map inet-only permit 10
match ip address nat
set ip next-hop 70.105.60.1
ip policy-class inet-only
nat source list nat interface vlan 100 overload
allow list inet-only
ip access-list extended inet-only
deny ip any 10.0.0.0 0.255.255.255
deny ip any 172.16.0.0 0.15.255.255
permit ip any any
!
ip access-list extended nat
permit ip 10.32.84.0 0.0.0.255 any
permit ip 192.168.112.0 0.0.0.255 any
interface vlan 100
snmp trap link-status
ip address X 255.255.255.0
no ip proxy-arp
ip ffe
ip access-policy Outside
crypto map VPN
ip flow ingress
ip flow egress
qos-policy out SHAPE
ip route-cache express
no shutdown
Thanks,
Sean
Thank you for asking this question in the support community. The order of operation for this application is as follows:
Incoming Packet ----> PBR - Route Lookup ----> Access Policy Allow/Discard or NAT Source
So, for your configuration the traffic is being sent to the next hop of 70.105.60.1 with the source IP address of VLAN 100.
Example 5. on page 33 describes a similar configuration in the Configuring the Firewall (IPv4) in AOS document.
I hope that makes sense, but please do not hesitate to reply to this post with any additional questions or information. I will be happy to help in any way I can.
Levi
Thank you for asking this question in the support community. The order of operation for this application is as follows:
Incoming Packet ----> PBR - Route Lookup ----> Access Policy Allow/Discard or NAT Source
So, for your configuration the traffic is being sent to the next hop of 70.105.60.1 with the source IP address of VLAN 100.
Example 5. on page 33 describes a similar configuration in the Configuring the Firewall (IPv4) in AOS document.
I hope that makes sense, but please do not hesitate to reply to this post with any additional questions or information. I will be happy to help in any way I can.
Levi