×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

NAT config

Unanswered Question
Apr 3rd, 2006
User Badges:

Hi,


Dynamic NAT is not working with the following config. Could you assist with configuration.


Thanks.

Said


version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname NAT

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

ip subnet-zero

ip cef

!

!

no ip domain lookup

!

ip audit po max-events 100

no ftp-server write-enable

!

!

!

!

interface Ethernet0/0

ip address 193.168.1.1 255.255.255.0

ip nat inside

half-duplex

!

interface TokenRing0/0

no ip address

shutdown

ring-speed 16

!

interface Serial1/0

ip address 200.200.100.1 255.255.255.252

ip nat outside

no fair-queue

!

interface Serial1/1

no ip address

shutdown

!

interface Serial1/2

no ip address

shutdown

!

interface Serial1/3

no ip address

shutdown

!

ip nat pool public 200.200.100.129 200.200.100.250 netmask 255.255.255.128

ip nat inside source list 1 pool public

ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 200.200.100.2

!

!

access-list 1 permit 193.168.1.0 0.0.0.255

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

!

end

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dgahm Mon, 04/03/2006 - 11:23
User Badges:
  • Blue, 1500 points or more

The return packets to your pool addresses are probably being dropped.


Can you change the subnet mask on S0 and the adjacent router to include your NAT pool range? That would fix it. Or you could add a static route on the adjacent router pointing your pool subnet back to 200.200.100.1.


Please rate helpful posts.

Nicholas Vigil Mon, 04/03/2006 - 13:07
User Badges:

It might be easier to PAT your internal address as follows:


ip nat inside source list 1 interface Serial1/0

overload


This will translate all yout internal address to your serial IP using PAT.

Actions

This Discussion