Cisco Cisco Packet Data Gateway (PDG) Guia De Resolução De Problemas
NAT Configuration
Configuring NAT ▀
Cisco ASR 5000 Series Network Address Translation Administration Guide ▄
OL-22992-01
Notes:
In StarOS 8.x, NAT for CDMA and early UMTS releases used rulebase-based configurations, whereas in later
UMTS releases NAT used policy-based configurations. In StarOS 9.0 and later releases, NAT for UMTS and
CDMA releases both use policy-based configurations. For more information, please contact your local service
representative.
CDMA releases both use policy-based configurations. For more information, please contact your local service
representative.
The
command enables NAT for all subscribers using the policy.
Duplicate ruledef names or priorities are not allowed in the same rulebase
A maximum of three NAT IP pools/NAT IP pool groups can be configured in a policy. A subscriber can be
allocated only one NAT IP address per NAT IP pool/NAT IP pool group from a maximum of three pools/pool
groups. Hence, at anytime, there can only be a maximum of three NAT IP addresses allocated to a subscriber.
groups. Hence, at anytime, there can only be a maximum of three NAT IP addresses allocated to a subscriber.
It is recommended that in a Firewall-and-NAT policy all the realms configured either be NAT IP pools or NAT
IP pool groups. If both NAT IP pool(s) and NAT IP pool group(s) are configured, ensure that a NAT IP pool is
not a part of a NAT IP pool group.
not a part of a NAT IP pool group.
NAT is applied only to packets in the uplink direction.
Rule matching is done for the first packet for a flow. Only when no rules match, the
configuration is considered. The default settings for uplink direction is ―permit‖, and for downlink direction
―deny‖.
―deny‖.
If there are no rules matching a packet, then the NAT IP pool/NAT IP pool group to be used for the flow is taken
from the following configuration:
If there is no NAT IP pool/NAT IP pool group name configured in the matching access ruledef, NAT will be
bypassed, i.e., NAT will not be applied to the flow.
Configuring Action on NAT IP Address/Port Allocation Failure
To configure sending ICMP error messages in the event of NAT IP address/port allocation failure, use the following
configuration:
configuration: