Skip to main content
Cisco SD-WAN
Product Documentation
Viptela Documentation


vpn interface nat overload— Control the mapping of addresses on a vEdge router that is acting as a NAT device (on vEdge routers only). By default, the overload function is enabled, which enables dynamic NAT.

Addresses are mapped one to one until the address pool is depleted. Then, in Release 16.3.0, the last address is used multiple times, and the port number is changed to a random value between 1024 and 65535. For Releases 16.3.2 and later, when the address pool is depleted, the first address in the pool is used multiple times. This reuse of the last address is called overloading. Overloading effectively implements dynamic NAT.

To enable static NAT, which maps a single source IP address to a single translated IP address, include the no overload command in the configuration. With this configuration, when the maximum number of available IP addresses is reached, you cannot configure any more mappings between source and translated addresses.

vManage Feature Template

For vEdge routers only:

Configuration ► Templates ► VPN Interface Cellular (for vEdge cellular wireless routers only)
Configuration ► Templates ► VPN Interface Ethernet
Configuration ► Templates ► VPN Interface NAT Pool
Configuration ► Templates ► VPN Interface PPP

Command Hierarchy

vpn vpn-id
  interface natpoolnumber
      [no] overload




Configure a vEdge router to perform dynamic NAT:

vEdge# show running-config vpn 1
interface natpool1
  ip address
  no shutdown

Configure a vEdge router to perform static NAT, translating a service-side and a remote IP address:

vEdge# show running-config vpn 1
interface natpool1
  ip address
    static source-ip translate-ip inside
    static source-ip translate-ip outside
    direction inside
    no overload
  no shutdown

Release Information

Command introduced in Viptela Software Release 16.3.

Additional Information

See the Using a vEdge Router as a NAT article for your software release.

  • Was this article helpful?