Static NAT not working over the GRE Tunnel

Unanswered Question
Jun 22nd, 2009
User Badges:

my config as follows


interface Tunnel5

description "" xxxxxx ""

bandwidth 1024

ip address a.a.a.a 255.255.255.252

ip mtu 1500

tunnel source b.b.b.b

tunnel destination k.k.k.k

!

interface FastEthernet0/0

ip address y.y.y.y 255.255.255.128

ip address b.b.b.b 255.255.255.240 secondary

ip nat inside


interface Serial1/0

description *** 2MBPS Link ***

bandwidth 2048

ip address z.z.z.z 255.255.255.252

ip accounting output-packets

ip nat outside

ip route 0.0.0.0 0.0.0.0 y.y.y.y-1

ip route w.w.w.w 255.255.255.224 Tunnel5

ip nat inside source static w.w.w.w y.y.y.y extendable


this static nat translations not working.Please help me to resolv this


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
paolo bevilacqua Mon, 06/22/2009 - 05:45
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

You have no ip nat command under tunnell interface.

smohanasundaram Mon, 06/22/2009 - 05:53
User Badges:

thanks for your reply


now i configured ip nat inside to tunnel interface,but not working


i am able to ping the ip address.i cannot able to work with other services like DNS and Http


thanks in advance



paolo bevilacqua Mon, 06/22/2009 - 06:22
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Check that the translation is formed as expected.

smohanasundaram Mon, 06/22/2009 - 06:31
User Badges:

yes.nat translation is formed.But when i telnet Y.Y.Y.Y 80 this output will be connection refused error



paolo bevilacqua Mon, 06/22/2009 - 06:44
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Blame the host.

Brent Rockburn Mon, 06/22/2009 - 06:48
User Badges:

What happens when you do a


"sh ip nat tran"


Do you see it in there?

smohanasundaram Mon, 06/22/2009 - 06:52
User Badges:

yes.router translates the ip and ports.but i cannot able to work with services


thanks in advance

Brent Rockburn Mon, 06/22/2009 - 10:05
User Badges:

Can you do a debug on NAT and post the output here?


debug ip nat detailed

thotsaphon Mon, 06/22/2009 - 11:18
User Badges:
  • Gold, 750 points or more

S mohana,

Please explain in detail on what you're going to accomplish with NAT. It should be a good idea to explain about the direction of traffic(dest/source) pass through this router.

As other poster said,let us see the output of "debug ip nat detail".


HTH,

Toshi

smohanasundaram Mon, 06/22/2009 - 21:07
User Badges:

debug command output as follows


*Mar 6 18:29:56.303 IST: NAT: o: tcp (59.99.0.239, 6318) -> (203.112.139.174, 135) [7966]

*Mar 6 18:29:56.303 IST: NAT: o: tcp (59.95.189.53, 8308) -> (203.112.131.238, 135) [2492]

*Mar 6 18:29:56.303 IST: NAT: o: udp (202.54.15.30, 53) -> (203.112.128.20, 1024) [19190]

*Mar 6 18:29:56.303 IST: NAT: o: udp (203.112.151.57, 59651) -> (203.112.128.1, 161) [47]





*Mar 6 18:29:56.303 IST: NAT: o: udp (200.230.94.35, 48035) -> (203.112.128.25( This is my DNS Server IP Address, 53) [33402]


*Mar 6 18:29:57.123 IST: NAT: o: udp (203.112.151.51, 59492) -> (203.112.128.25, 53) [29470]

*Mar 6 18:29:57.127 IST: NAT: o: udp (200.142.58.20, 10795) -> (203.112.128.25, 53) [0]



*Mar 6 18:29:57.127 IST: NAT: o: tcp (203.112.205.197, 2411) -> (203.112.128.69, 135) [56942]

*Mar 6 18:29:57.127 IST: NAT: o: udp (195.90.231.241, 38844) -> (203.112.128.20, 53) [0]

*Mar 6 18:29:57.127 IST: NAT: o: icmp (200.142.58.20, 52452) -> (203.112.128.20, 53) [57184]

*Mar 6 18:29:57.127 IST: NAT: o: udp (203.112.151.51, 59492) -> (203.112.128.20, 53) [29472]


thanks

paolo bevilacqua Tue, 06/23/2009 - 01:46
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

I told you already, likely host problem, check the icmp message received.

smohanasundaram Tue, 06/23/2009 - 03:34
User Badges:

yes.i am able to ping inside host( NATed Ip) from outside world.but http and DNS servcies not working.in inside network http and DNS working fine

Actions

This Discussion