Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
425
Views
0
Helpful
7
Replies

InterVlan Routing On L3 Switch and NAT On another Router

yenlung
Level 1
Level 1

‎12-02-2007 03:06 AM - edited ‎03-05-2019 07:46 PM

Hi All,

Not sure if this can be done

ISP----------Router--<L3 Port>--L3 SW--------------------Intenal Network

Router Config:

access-list 1 permit 192.168.0.0 0.0.0.3

access-list 1 permit 10.0.0.0 0.0.0.255

ip nat inside source list 1 interface <WAN> overload

interface <WAN>

ip address 1.1.1.2 255.255.255.252

ip nat outside

no shut

interface <LAN>

ip address 192.168.0.1 255.255.255.252

ip nat inside

no shut

ip route 0.0.0.0 0.0.0.0 1.1.1.1

ip route 10.0.0.0 255.255.255.0 192.168.0.2

Switch Config:

ip routing

interface fa0/1

no switchport

ip address 192.168.0.2 255.255.255.252

no shut

interface VLAN 10

ip address 10.0.0.1 255.255.255.0

no shut

interface range fa0/2-24

switchport

switchport mode access

switchport access vlan 10

spanning-tree portfast

no shut

From the PC, I am not able to access the internet. nor can i do a NAT translation on WAN Router.

WHY?

btw, Layer 3 Switch does not allow us to configure NAT.

Help is greatly appreciated.

Regards

Yen Lung

Labels:
0 Helpful
7 Replies 7

Jon Marshall
Hall of Fame
Hall of Fame

‎12-02-2007 04:28 AM

Hi Yen

Do you have a deault route on your L3 switch pointing to 192.168.0.1 ?

Jon

0 Helpful

yenlung
Level 1
Level 1
In response to Jon Marshall

‎12-02-2007 05:33 AM

Oh yes, I had put it down in my config.

Still not working...

0 Helpful

Thotsaphon Lueangwattanaphong
Level 7
Level 7

‎12-02-2007 04:35 AM

Hi Yen.

- Can you do ping command from hosts to 192.168.0.1.

- Can you resolve names from the DNS server?

From hosts : C:\>nslookup http://www.google.com

Hopes that help

Thot

0 Helpful

yenlung
Level 1
Level 1
In response to Thotsaphon Lueangwattanaphong

‎12-02-2007 05:35 AM

i had forgetten the ip route on the above.

I had put that in in my L3 SW.

I could not test that, as it is a internal Lab.

but, from the PC, I am able to ping to the WAN Interface.

No NAT translation.

0 Helpful

yenlung
Level 1
Level 1
In response to yenlung

‎12-03-2007 01:13 AM

Any one can help me with this?

It seem to be a simple problem. what am i missing?

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to yenlung

‎12-03-2007 01:36 AM

Hi yen

Firstly are you sure packets are getting to the router from the switch.

if so, can you run a "debug ip nat" on the WAN router to see what is happening.

Be careful with debug commands as they can affect the performance of the router.

Jon

0 Helpful

yenlung
Level 1
Level 1
In response to Jon Marshall

‎12-03-2007 06:26 AM

Ok ... Problem solved,

One quick question...

When I ping the WAN Router Outside interface, from the Inside Interface, I get a NAT translation.

however, once i go to the l3 switch, and ping the WAN router outside interface, I do not get a NAT translation.

WHY?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card