This document provides a sample configuration for Port Address Translation (PAT) to establish a session between Cisco Transport Controller (CTC) and ONS 15454 when CTC resides inside the firewall.
Ensure that you meet these requirements before you attempt this configuration:
Have basic knowledge about Cisco ONS 15454.
Know which Cisco Routers support PAT.
The information in this document is based on these software and hardware versions:
Cisco ONS 15454 version 4.6.X and later
Cisco IOS® Software Release 12.1(11) and later
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Refer to the Cisco Technical Tips Conventions for more information on document conventions.
The topology consists of these elements:
One Cisco ONS 15454
One PC
One Cisco 2600 Series Router
The ONS 15454 resides in the external network and acts as the server. The PC resides in the internal network, and serves as the CTC client. The Cisco 2600 Series Router provides the PAT support.
In this section, you are presented with the information to configure the features described in this document.
Note: Use the Command Lookup Tool (registered customers only) to obtain more information on the commands used in this section.
This document uses this network setup:
Figure 1 – Topology
This document uses these configurations:
Cisco ONS 15454
PC
Cisco 2600 Series Router
10.89.238.192 is the IP address of the ONS 15454 (see arrow A in Figure 2), and 10.89.238.1 represents the default router (see arrow B in Figure 2).
Figure 2 – ONS 15454 Configuration
Complete these steps in order to ensure that CTC communicates with ONS 15454 through PAT:
Check the Enable proxy server on port check box in the Gateway Settings section (see arrow C in Figure 2).
Select the Proxy-only option (see arrow D in Figure 2).
Click Apply.
If you do not enable the proxy server, CTC fails with these error messages:
Figure 3 – EID-2199 ErrorFigure 4 – CTC Initialization Error
172.16.1.254 is the IP address of the PC (see arrow A in Figure 5), and 172.16.1.1 represents the default gateway (see arrow B in Figure 5).
Figure 5 – PC Configuration
This section provides the procedure to configure the router.
Complete these steps:
Configure the internal interface, where the ONS 15454 resides.
! interface Ethernet1/0 ip address 10.89.238.1 255.255.255.0 ip nat outside !
Configure the external interface, where the CTC client resides.
interface Ethernet1/1 ip address 172.16.1.1 255.255.255.0 ip nat inside !
Configure PAT support on the router. The configuration indicates that any packet that arrives on the internal interface, which access list 1 permits, shares one outside IP address. The outside IP address is 10.89.238.1 in this configuration.
! !--- Indicates that any packets that arrive on the internal interface, which !--- access list 1 permits, share one outside IP address (the address !--- on ethernet1/0). ip nat inside source list 1 int ethernet1/0 overload access-list 1 permit 172.16.1.0 0.0.0.255 !
Use this section to confirm that your configuration works properly.
Complete these steps:
Run Microsoft Internet Explorer.
Type http://10.89.238.192 in the Address bar of the browser window, and press ENTER.
The CTC Login window appears.
Type the correct User Name and Password.
The CTC client successfully connects to ONS 15454.
This section provides information you can use to troubleshoot your configuration.
Issue the debug ip nat detailed command to turn on the IP NAT detailed trace. You can view the address translations from 172.16.1.254 to 10.89.238.1 (see arrow A in Figure 6), and from 10.89.238.1 to 172.16.1.254 (see arrow B in Figure 6).
Figure 6 – Debug IP NAT Detailed