Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
299
Views
0
Helpful
3
Replies

A bit confused with NAT + 1 weird problem

ROSS_Solar
Level 1
Level 1

‎03-03-2008 05:24 AM - edited ‎03-03-2019 08:56 PM

Dear NetPros!

Recently got a cisco 2851 router + 2 HWIC-1FE cards. Network setup is described in attached jpeg. I've configured ISP failover with ip sla + NAT and pptp VPN server, but still can't figure out how to make FTP server 2 (see attachment) reachable from outside hosts with 1.1.1.4 address. The problem is that LAN2 has its own uplink and default gw, so we need to do NAT with not only inside src address changed, but also need to change outside src address. Can't get it working. Please, help :)

And now the weird problem:

When tested failover uplink switching noticed that when i pull cable out of fa0/1/0 everything works fine (sla monitor + tracking shows reachability->down) but when i return cable back to interface fa0/1/0, iface goes up, proto up, !!but!! 'show track' says reachability still down, 'show ip sla trace' shows timeouts for icmp goin out fa0/1/0. More, when tryin to ping fa0/1/0 address from remote hosts - getting timeouts. The only way to get things working again - reload router. Please advice, how to make it working properly.

With best regards,

Vlad

Labels:
Preview file
7 KB
Preview file
50 KB
0 Helpful
3 Replies 3

ROSS_Solar
Level 1
Level 1

‎03-04-2008 01:36 AM

Please, tell if it is possible to make such a translation at all (see first part of leading post)?

0 Helpful

ROSS_Solar
Level 1
Level 1
In response to ROSS_Solar

‎03-04-2008 11:04 AM

guys, no one can help? i'm really surprised...

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame

‎03-04-2008 11:13 AM

Try changing the SLA to ping 1.1.1.1 instead of an address that involves routing such as 192.58.128.30.

Give a try with this config.

ip sla 1

icmp-echo 1.1.1.1 source-interface FastEthernet0/1/0

timeout 1000

threshold 3

frequency 10

ip sla schedule 1 life forever start-time now

Also, remove the ip inspect on that interface while we are troubleshooting this.

__

Edison.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card