Table of Contents
Advertisement
JUNOSe 11.0.x IP Services Configuration Guide
4.
5.
6.
7.
8.
9.
10.
11.
Tunnel Configuration Through NAT Examples
PPTP uses enhanced GRE encapsulation for PPP payloads. After the PPTP tunnel
setup process, PPP packets are exchanged using GRE encapsulation. It is critical that
a NAT device that resides between PPTP client and PPTP server allow GRE flows.
This section contains NAT configuration examples for both inside and outside PPTP
tunnel setup through NAT.
86
Tunnel Configuration Through NAT Examples
host1:vr1(config-interface)#ip demux-type da-prefix
host1:vr1(config-interface)#exit
Create the address pool for dynamic translations.
host1:vr1(config)#virtual-router vr1:vrf11
host1:vr1:vrf11(config)#ip nat pool entApool 128.13.44.0 128.13.44.255
prefix-length 24
Create the access list for addresses eligible for dynamic translation.
host1:vr1:vrf11(config)#access-list entA permit 10.16.5.0 0.0.0.255
Create the dynamic translation rule.
host1:vr1:vrf11(config)#ip nat inside source list entA pool entApool
Create the subscriber interface off the uplink.
host1:vr1:vrf11(config)#interface ip vrf11vr1
host1:vr1:vrf11(config-interface)#ip share-interface atm 12/0.101
host1:vr1:vrf11(config-interface)#ip unnumbered loopback 1
Configure a group of destination prefixes with which the device can communicate
on the public network.
host1:vr1:vrf11(config-interface)#ip destination-prefix 128.13.44.0
255.255.255.0
Mark the subscriber interface as outside.
host1:vr1:vrf11(config-interface)#ip nat outside
host1:vr1:vrf11(config-interface)#exit
Point the default route to the shared interface.
host1:vr1:vrf11(config)#ip route 0.0.0.0 0.0.0.0 ip vrf11vr1
Install a null route to avoid routing loops to the inside global address.
host1:vr1:vrf11(config)#ip route 128.13.44.0 255.255.255.0 null 0
Advertisement
Table of Contents
