Step 1 |
enable
|
Enables privileged EXEC mode.
|
Step 2 |
configure
terminal
Router# configure terminal
|
Enters global configuration mode.
|
Step 3 |
interface
type
number
Router(config)# interface ethernet 1/1
|
Specifies an interface and returns to interface configuration mode.
|
Step 4 |
ip
nat
inside
Router(config-if)# ip nat inside
|
Connects the interface to the inside network (the network subject to NAT translation).
|
Step 5 |
exit
|
Exits interface configuration mode and enters global configuration mode.
|
Step 6 |
interface
type
number
Router(config)# interface ethernet 1/3
|
Specifies an interface and enters interface configuration mode.
|
Step 7 |
ip
nat
outside
Router(config-if)# ip nat outside
|
Connects the interface to the outside network.
|
Step 8 |
exit
|
Exits interface configuration mode and returns to global configuration mode.
|
Step 9 |
ip
nat
pool
name
start-ip
end-ip
{netmask netmask | prefix-length prefix-length }
Router(config)# ip nat pool inside-pool-A 172.16.0.1 172.16.0.10 prefix-length 16
|
Defines a pool of global addresses to be allocated for the inside network.
Note
|
You must configure two address pools when you are using the NAT SBC feature and you want to translate the call IDs. In this
step you are configuring the first address pool.
|
|
Step 10 |
ip
nat
pool
name
start-ip
end-ip
{netmask netmask | prefix-length prefix-length }
Router(config)# ip nat pool outside-pool 203.0.113.1 203.0.113.10 prefix-length 24
|
Defines a pool of global addresses to be allocated for the outside network.
Note
|
You must configure two address pools when you are using the NAT SBC feature and you want to translate the call IDs. In this
step, you are configuring the second address pool.
|
|
Step 11 |
ip
nat
inside
source
list
access-list-number
pool
name
[vrf vrf-name ] [overload ]
Router(config)# ip nat inside source list 1 pool inside-pool-A vrf vrfA overload
|
Enables NAT of the inside source address and configures the access list for translation.
|
Step 12 |
ip
nat
outside
source
list
access-list-number
pool
name
Router(config)# ip nat outside source list 3 pool outside-pool
|
Enables NAT of the outside source address and configures the access list for translation.
|
Step 13 |
ip
nat
sip-sbc
Router(config)# ip nat sip-sbc
|
Enters IP NAT SBC configuration mode.
|
Step 14 |
proxy
inside-address
inside-port
outside-address
outside-port
protocol
udp
Router(config-ipnat-sbc)# proxy 200.1.1.1 5060 192.0.2.2 5060 protocol udp
|
Configures the address or port that the inside phones will be referring to, and the outside proxy’s address and port to which
the NAT SBC translates the destination IP address and port.
|
Step 15 |
vrf-list
Router(config-ipnat-sbc)# vrf-list
|
(Optional) Enters IP NAT SBC VRF configuration mode.
|
Step 16 |
vrf-name
vrf
-
name
Router(config-ipnat-sbc-vrf)# vrf-name vrf1
|
(Optional) Defines SBC VRF list names.
|
Step 17 |
exit
Router(config-ipnat-sbc-vrf)# exit
|
Exits IP NAT SBC VRF configuration mode and enters global configuration mode.
|
Step 18 |
ip
nat
sip-sbc
Router(config)# ip nat sip-sbc
|
Enters IP NAT SBC configuration mode.
|
Step 19 |
call-id-pool
call
-id -pool
Router(config-ipnat-sbc)# call-id-pool pool-name
|
Specifies a dummy pool name for the in to out SIP signaling packet’s call ID that it will be translated to, and that a 1:1
association will be maintained rather than using the regular NAT pool.
-
This pool can be used in an overload scenario:
-
NAT mapping with an appropriate access control list (ACL) and a NAT pool matching the pool name must be configured.
-
This pool is not used for any other NAT processing except for call ID processing.
|
Step 20 |
session
-timeout seconds
Router(config-ipnat-sbc)# session-timeout 300
|
Configures the timeout duration for NAT entries pertaining to SIP signaling flows.
|
Step 21 |
mode
allow
-flow -around
Router(config-ipnat-sbc)# mode allow-flow-around
|
Enables flow-around for RTP.
|
Step 22 |
override
address
Router(config-ipnat-sbc)# override address
|
Allows the NAT SBC to override the out to in traffic’s destination IP during signaling or RTP traffic, or to override the
address and port.
|
Step 23 |
end
Router(config-ipnat-sbc)# end
|
Exits IP NAT SBC configuration mode and enters privileged EXEC mode.
|