network - snat

asked 2017-02-08 03:04:37 -0500

2707974 gravatar image

I wish to have one tenant and two external network on router.

On one external network I have nat, but not on second external network. I need nat enabled on both network.

First network, with nat enabled and name External Network, is for internet access. Second network is for trunk, direct dedicated connection from tenant router to far end resource. In short I have l2 tunnel on my hardware equipment and tag packet with vlan id 1804. That traffic must be passed to the tenant router.

I create ProNet and setup is correct and working.

ProNet use net.

Interface on tenant router connected to that netwotk have ip

From tenant router I can access far end resource on ip But without nat, instance represent him self with ip from network

Far end resource do not have route for network but have Route for network.

For me is easiest to enable nat on interface on tenant router to access far end resource for in My case network with name ProNet.

Second working solution is to put route on far end resource via

I want to avoid far end resource configuration aka adding route. Because of that I need nat on router interface. In that case traffic from instace on will be nated to and I do not need to ad route to far end resource.


Tenant network:

External Network: – on port


Traffic flows:

To internet -> -> nat -> -> internet

To far end -> -> no nat -> ->

On this flow I need nat.

edit retag flag offensive close merge delete