InterVlan Routing On L3 Switch and NAT On another Router

Unanswered Question
Dec 2nd, 2007

Hi All,

Not sure if this can be done

ISP----------Router--<L3 Port>--L3 SW--------------------Intenal Network

Router Config:

access-list 1 permit

access-list 1 permit

ip nat inside source list 1 interface <WAN> overload

interface <WAN>

ip address

ip nat outside

no shut

interface <LAN>

ip address

ip nat inside

no shut

ip route

ip route

Switch Config:

ip routing

interface fa0/1

no switchport

ip address

no shut

interface VLAN 10

ip address

no shut

interface range fa0/2-24


switchport mode access

switchport access vlan 10

spanning-tree portfast

no shut

From the PC, I am not able to access the internet. nor can i do a NAT translation on WAN Router.


btw, Layer 3 Switch does not allow us to configure NAT.

Help is greatly appreciated.


Yen Lung

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Sun, 12/02/2007 - 04:28

Hi Yen

Do you have a deault route on your L3 switch pointing to ?


yenlung Sun, 12/02/2007 - 05:33

Oh yes, I had put it down in my config.

Still not working...

thotsaphon Sun, 12/02/2007 - 04:35

Hi Yen.

- Can you do ping command from hosts to

- Can you resolve names from the DNS server?

From hosts : C:\>nslookup

Hopes that help


yenlung Sun, 12/02/2007 - 05:35

i had forgetten the ip route on the above.

I had put that in in my L3 SW.

I could not test that, as it is a internal Lab.

but, from the PC, I am able to ping to the WAN Interface.

No NAT translation.

yenlung Mon, 12/03/2007 - 01:13

Any one can help me with this?

It seem to be a simple problem. what am i missing?

Jon Marshall Mon, 12/03/2007 - 01:36

Hi yen

Firstly are you sure packets are getting to the router from the switch.

if so, can you run a "debug ip nat" on the WAN router to see what is happening.

Be careful with debug commands as they can affect the performance of the router.


yenlung Mon, 12/03/2007 - 06:26

Ok ... Problem solved,

One quick question...

When I ping the WAN Router Outside interface, from the Inside Interface, I get a NAT translation.

however, once i go to the l3 switch, and ping the WAN router outside interface, I do not get a NAT translation.



This Discussion