Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2083
Views
0
Helpful
37
Replies

NATTING

Go to solution
virendra pathak
Level 1
Level 1

‎11-13-2023 07:37 PM

Dear Expert,

I have created LAB in eve ng and the same design is attached herewith.

I have done all configuration with using MPLS WAN solution on design.

Private NW is done successfully and now i wanted to allow all DC Server, HQ Users and Branch user can access INTERNET without using routing because Priavet NW can not advertise on INTERNET WORLS then NATTING is option remain, And here is query to that how i should allow to all users to access INTERNETW with using solution NATTING.

Could you please view design and suggest me accordingly.

HQ Users LAN range is 10.22.2.0/24. 10.22.4.0/24 CAN ACCESS internet 

DC Subnet range is 172.16.111.0/24, 172.16.112.0/24 CAN ACCESS internet

BR users range : 10.22.22.0/24, 10.22.23.0/24 CAN ACCESS internet

The prompt response would be highly appreciated.

Thanks a lot

Regards

Virendra P

0 Helpful
37 Replies 37

Go to solution
virendra pathak
Level 1
Level 1
In response to MHM Cisco World

‎11-14-2023 05:25 AM - last edited on ‎01-28-2024 11:50 PM by Community Manager

Dear MHM,

Add below route : 

ip route 0.0.0.0 0.0.0.0 172.16.110.4

and when i removed Always, then all trace gone missing and when i add again Now you can see here the output

udp 102.1.1.1:49382 10.22.22.31:49382 200.1.1.1:33508 200.1.1.1:33508
udp 102.1.1.1:49383 10.22.22.31:49383 200.1.1.1:33509 200.1.1.1:33509
udp 102.1.1.1:49384 10.22.22.31:49384 200.1.1.1:33510 200.1.1.1:33510
udp 102.1.1.1:49385 10.22.22.31:49385 200.1.1.1:33511 200.1.1.1:33511
udp 102.1.1.1:49386 10.22.22.31:49386 200.1.1.1:33512 200.1.1.1:33512
udp 102.1.1.1:49387 10.22.22.31:49387 200.1.1.1:33513 200.1.1.1:33513
udp 102.1.1.1:49388 10.22.22.31:49388 200.1.1.1:33514 200.1.1.1:33514
udp 102.1.1.1:49389 10.22.22.31:49389 200.1.1.1:33515 200.1.1.1:33515
udp 102.1.1.1:49390 10.22.22.31:49390 200.1.1.1:33516 200.1.1.1:33516
udp 102.1.1.1:49391 10.22.22.31:49391 200.1.1.1:33517 200.1.1.1:33517
udp 102.1.1.1:49392 10.22.22.31:49392 200.1.1.1:33518 200.1.1.1:33518
udp 102.1.1.1:49393 10.22.22.31:49393 200.1.1.1:33519 200.1.1.1:33519
Pro Inside global Inside local Outside local Outside global
udp 102.1.1.1:49394 10.22.22.31:49394 200.1.1.1:33520 200.1.1.1:33520
udp 102.1.1.1:49395 10.22.22.31:49395 200.1.1.1:33521 200.1.1.1:33521
udp 102.1.1.1:49396 10.22.22.31:49396 200.1.1.1:33522 200.1.1.1:33522
udp 102.1.1.1:49397 10.22.22.31:49397 200.1.1.1:33523 200.1.1.1:33523
--- 102.1.1.1 10.22.22.31 --- ---
tcp 102.1.1.2:27680 10.22.22.32:27680 200.1.1.1:23 200.1.1.1:23
--- 102.1.1.2 10.22.22.32 --- ---
CUSINTRTR1#Look like something improved. 

Now i have query and you are my GURU (Tech teacher)

Why we advertised ( default-information originate always ) and Need to understand why default route is added  towards Layer 3 SW, correct my understand TO MATCH UNKNOWN INTERNET PACKET BECASUE THIS DEFAULT ROUTE IS ALWAYS USED IN BGP. AM I CORRECT ?  why UDP is observed when i used telnet 23 ?

regards

Virendra P

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎11-14-2023 05:58 AM

MPLSLABSETUP (1).png

0 Helpful

Go to solution
virendra pathak
Level 1
Level 1
In response to MHM Cisco World

‎11-14-2023 06:07 AM - last edited on ‎01-23-2024 05:56 AM by Community Manager

Dear MHM,

Thanks and i have already done that on SW 22 and 23,

DCSW22#sh running-config | sec route
ip route 0.0.0.0 0.0.0.0 102.1.1.1

Why we advertised ( default-information originate always ) ?

I Need to understand why default route is added  towards Layer 3 SW, correct my understand TO MATCH UNKNOWN INTERNET PACKET BECASUE THIS DEFAULT ROUTE IS ALWAYS USED IN BGP. AM I CORRECT ?  why UDP is observed when i used telnet 23 ?

Please confirm my understanding and need your guidance to enhance my skill .

I am really glad that whole time you are connected to me and help me to fix all issues. I can inform to client about all this when i shall get an opportunity in my life.

regards

Virendra P

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to virendra pathak

‎11-14-2023 06:14 AM - edited ‎11-14-2023 06:15 AM

Need to understand why default route is added  towards Layer 3 SW, correct my understand TO MATCH UNKNOWN INTERNET PACKET BECASUE THIS DEFAULT ROUTE IS ALWAYS USED IN BGP. AM I CORRECT ? Correct, we adversite defuatl via OSPF to make BR use DC as path for any public IP.
note did you run OSPF between SW22/23 and R15/R16 ? if Yes that OK but why defualt route not appear in R15/R16??

for UDP appear in NATing Note so sure what traffic this is. 

0 Helpful

Go to solution
virendra pathak
Level 1
Level 1
In response to MHM Cisco World

‎11-14-2023 06:19 AM

Dear MHM,

I am happy now and Thanks a ton.  Once more Your support is really helped me a lot now. My next goal is to do GRE tunnel, mGRE tunnel and DMVPN, IPSECDMVPN. 

Hoping this design will help me to achieve my task.  It is really honoured to meet Cisco TECH Expert.

regards

Virendra P

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to virendra pathak

‎11-14-2023 06:23 AM

You are so welcome 
have a nice day 
MHM

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎11-14-2023 10:55 AM - last edited on ‎01-28-2024 11:50 PM by Community Manager 

Udp is packet of traceroute.

The port confuse me.

But I check it traceroute udp traffic.

0 Helpful

Go to solution
virendra pathak
Level 1
Level 1
In response to MHM Cisco World

‎11-14-2023 08:15 PM

Dear MHM,

Thanks a lot for your clarification. 

Now, I am going to do VPN topic with using same design.  I am also doing preparation of CCIEV1.1 so i need your guidance.

Is it still worth to do CCIE EI ? 

regards

Virendra P

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card