03-26-2008 08:44 AM - edited 03-03-2019 09:17 PM
I configured NAT on a Catalyst 6500 Switch. I created a Vlan, defined it as NAT Inside and associated a few Switchports to it. I configured a Physical Port as a Routed Port and defined it as NAT Outside. I created an Access-list matching a Class A Private Address used on the NAT Inside Vlan Interface, and then defined a NAT Inside Source List to overload on the NAT Outside Interface. The problem I have is when I generate Pings from a PC on the NAT Inside VLAN Interface the pings are successful (NAT works). But when I try to do DNS lookup from a PC in the NAT Inside Interface DNS is not successful and specifically the NAT Process reports a failure in NAT translation. The report says the following "translation failed (A), dropping packet s=10.20.20.1 d=192.168.1.1". The DNS Server is located on the NAT Outside Interface.
Can anyone kindly give me a clue some missing configs. Firewall Services Module is disabled on the 6500.
Thanks.
04-08-2008 03:11 AM
there known bug in some version of IOS when you doing nat and DNS, can't find it right now, but you may look by yourself in bug tracker and see if this affect your version of IOS
04-24-2008 07:21 AM
I integrated the Firewall Services Module and then configured NAT on it and everything is fine now.
04-24-2008 07:22 AM
I integrated the Firewall Services Module and then configured NAT on it and everything is fine now.
04-08-2008 09:31 AM
Hi Patmien
Can u show me the configuration of that router..???
04-24-2008 07:21 AM
I integrated the Firewall Services Module and then configured NAT on it and everything is fine now.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: