04-27-2009 06:27 PM - edited 03-09-2019 10:15 PM
cannot seem to get bidirectional nat working on a 2801 running 12.4.
ip nat inside source static 10.1.1.1 66.170.199.205
With this static nat entry you can get to the inside host at 66.170.199.205, but 10.1.1.1 send traffic source nat'd to 66.170.199.205.
What am I missing?
04-28-2009 12:52 AM
It sounds like it' doing what it should - what do you actually need to do?
04-28-2009 01:02 AM
1-1 static nat in both directions. Inbound from the Internet works fine, outbound to the Internet does not.
04-28-2009 01:04 AM
Do you also have any dynamic nat configured ?
04-28-2009 01:18 AM
I do, see below. 10.1.2.10 is the culprit, inbound to
ip nat inside source list 199 interface
FastEthernet0/0 overload
access-list 199 deny ip host 10.1.2.10 any
access-list 199 permit ip any any
ip nat inside source static 10.1.2.10
04-28-2009 01:42 AM
OK - the config looks OK, what is the output of "show ip nat trans" ?
05-01-2009 05:48 AM
Thanks, turned out to be a malformed acl on the router.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: