NAT on Catalyst 6509

patmien · ‎03-26-2008

I configured NAT on a Catalyst 6500 Switch. I created a Vlan, defined it as NAT Inside and associated a few Switchports to it. I configured a Physical Port as a Routed Port and defined it as NAT Outside. I created an Access-list matching a Class A Private Address used on the NAT Inside Vlan Interface, and then defined a NAT Inside Source List to overload on the NAT Outside Interface. The problem I have is when I generate Pings from a PC on the NAT Inside VLAN Interface the pings are successful (NAT works). But when I try to do DNS lookup from a PC in the NAT Inside Interface DNS is not successful and specifically the NAT Process reports a failure in NAT translation. The report says the following "translation failed (A), dropping packet s=10.20.20.1 d=192.168.1.1". The DNS Server is located on the NAT Outside Interface.

Can anyone kindly give me a clue some missing configs. Firewall Services Module is disabled on the 6500.

Thanks.

nikolay-shopik · ‎04-08-2008

there known bug in some version of IOS when you doing nat and DNS, can't find it right now, but you may look by yourself in bug tracker and see if this affect your version of IOS

patmien · ‎04-24-2008

I integrated the Firewall Services Module and then configured NAT on it and everything is fine now.

patmien · ‎04-24-2008

I integrated the Firewall Services Module and then configured NAT on it and everything is fine now.

kchauhan · ‎04-08-2008

Hi Patmien

Can u show me the configuration of that router..???

patmien · ‎04-24-2008

I integrated the Firewall Services Module and then configured NAT on it and everything is fine now.