Static NAT is more straight forward to configure so to do this you need to do the following:

When you do the NAT Translation just reference the Internal HSRP Group e.g:

ip nat inside source static tcp 3389 3855 redundancy HSRP-Internal extendable

Remember to do this on both Routers as they both must Match!

Dynamic NAT is done like the following:

You need to create a Stateful ID as you need to link the NAT pool to this ID. (Again same on both routers)

ip nat Stateful id 1
redundancy HSRP-Internal
mapping-id 101
protocol udp

Define NAT Pool:

ip nat pool VOIP netmask

Create the Access-List to define what matches this rule:

Extended IP access list VOIP
10 permit ip any (35533 matches)
20 permit ip any (5760 matches)

Now the Overload Statement:

ip nat inside source list VOIP pool VOXHUB-VOIP mapping-id 101 overload

Thats all there is too it!

If you do “Show ip nat translations” on the secondary router you will see the NAT translations replicated from the Primary!

I have used this on a PWAN project that has over 100 sites and the two main sites has VOIP phones that work on a 10.5.X.X and 10.15.X.X Network so I nat’ted them straight out using a unique public IP. Less hassle this way especially where SIP is concerned!

See Image below showing both Putty sessions open for Both Routers showing exactly the same NAT translations although only the Primary Router is active!




Leave a Reply

Your email address will not be published. Required fields are marked *