NAT configuration problem on cat6500

Unanswered Question
Aug 22nd, 2014
User Badges:

Hi expert

I have tried to configure nat for a subnet, and I can ping from external, but not get remote desktop work. my configure is below:

 

interface vlan 111

   ip address 10.1.1.1 255.255.255.0

   ip nat inside

   if flow ingress

   ip pim sparse-dense-mode

 

interface vlan 2

   ip address xxx.xxx.2.1 255.255.255.0

   ip nat outside

   ip flow ingress

   ip pim sparse-dense-mode

 

ip nat pool NatPool xxx.xxx.2.24 xxx.xxx.2.31 prefix-length 29

ip nat inside source list NatSub pool NatPool overload 

ip access-list extended NatSub

    permit ip 10.1.1.0 0.0.0.255 any

 

if I am in subnet 10.1.1.0/24 or other subent in cat6500, I can use remote desktop to acccess the machine by the private ip address,

but, if I am out to internet, and remote login using remote desktop connection by the public address, I can not get connection.

 

Could any one advice, what possible problem I may have?

 

Any comments will be appreciated

 

Thanks in advance

 

Julxu

 

 

 

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Reza Sharifi Fri, 08/22/2014 - 09:22
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi,

You have the prefix-length as 29 but the mask on the interface is /24 ( ip address xxx.xxx.2.1 255.255.255.0)

Can you change the prefix-length to 24 and test again?

HTH

Actions

This Discussion