NAT on Catalyst 6509

Unanswered Question

I configured NAT on a Catalyst 6500 Switch. I created a Vlan, defined it as NAT Inside and associated a few Switchports to it. I configured a Physical Port as a Routed Port and defined it as NAT Outside. I created an Access-list matching a Class A Private Address used on the NAT Inside Vlan Interface, and then defined a NAT Inside Source List to overload on the NAT Outside Interface. The problem I have is when I generate Pings from a PC on the NAT Inside VLAN Interface the pings are successful (NAT works). But when I try to do DNS lookup from a PC in the NAT Inside Interface DNS is not successful and specifically the NAT Process reports a failure in NAT translation. The report says the following "translation failed (A), dropping packet s= d=". The DNS Server is located on the NAT Outside Interface.

Can anyone kindly give me a clue some missing configs. Firewall Services Module is disabled on the 6500.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
nikolay-shopik Tue, 04/08/2008 - 03:11
User Badges:

there known bug in some version of IOS when you doing nat and DNS, can't find it right now, but you may look by yourself in bug tracker and see if this affect your version of IOS

kchauhan Tue, 04/08/2008 - 09:31
User Badges:

Hi Patmien

Can u show me the configuration of that router..???


This Discussion