Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
485
Views
0
Helpful
2
Replies

no nat problem on 851W

Mehuge111
Level 1
Level 1

‎02-29-2008 02:43 AM - edited ‎03-05-2019 09:27 PM

IOS V12.4(4)T8

Cisco 851W

This router is in a 192.168.5.0 private network, it is used to VPN tunnel to another private network. Its WAN interface is on the 192.165.5.0 network and its wireless/lan is in the 10.119.103.0 network.

The problem I am trying to solve was allowing a host in the 192.168.5.0 network RDP (port 3389) access to the hosts in the 10.119.103.0 network which isnt working due to nat.

If I open 3389 on the wan interface and then disable nat using:

conf t

interface BVI2

no ip nat inside

exit

copy run start

It all works, until I reboot the router. Even though I saved the config, when the router comes back up it starts natting again (even though the config does not include any ip nat commands).

I have to manually run the no ip nat inside command again on BVI2.

How can I permenantly disable NAT?

Is it because I still have ip inspect commands in the config?

Labels:
0 Helpful
2 Replies 2

owillins
Level 6
Level 6

‎03-06-2008 09:09 AM

Issue the clear ip nat translation command and then replacing the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic.

0 Helpful

Mehuge111
Level 1
Level 1
In response to owillins

‎03-06-2008 11:24 AM

The problem is happening after a reboot, its ok when I first turn off nat, its after a reboot that it comes back, for example

AustinF#clear ip nat trans *

AustinF#sh ip nat trans

AustinF#conf t

Enter configuration commands, one per line. End with CNTL/Z.

AustinF(config)#int bvi2

AustinF(config-if)#no ip nat inside

AustinF(config-if)#exit

AustinF(config)#exit

AustinF#copy run start

Destination filename [startup-config]?

Building configuration...

[OK]

AustinF#sh ip nat trans

AustinF#reload

wait for reboot, log back in to the router, and nat is enabled again

AustinF#sh ip nat trans

Pro Inside global Inside local Outside local Outside global

tcp 192.168.5.168:1602 10.119.103.3:1602 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1603 10.119.103.3:1603 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1604 10.119.103.3:1604 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1605 10.119.103.3:1605 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1608 10.119.103.3:1608 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1609 10.119.103.3:1609 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1610 10.119.103.3:1610 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1611 10.119.103.3:1611 64.156.132.140:80 64.156.132.140:80

tcp 192.168.5.168:1612 10.119.103.3:1612 64.156.132.140:80 64.156.132.140:80

udp 192.168.5.168:1693 10.119.103.3:1693 85.189.102.5:53 85.189.102.5:53

tcp 192.168.5.168:3389 10.119.103.3:3389 192.168.5.170:3208 192.168.5.170:3208

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card