Internal hosts cannot access the outside network because NAT does not translate


Wed, 01/20/2010 - 09:09
Jun 18th, 2009
User Badges:
  • Gold, 750 points or more

Core Issue

The most common reason for this problem is a misconfiguration of the Network Address Translation (NAT), such as not having the ip nat inside and ip nat outside commands on the appropriate interfaces. Another possible reason is that there is no Access Control List (ACL) configured for NAT specifying which hosts are permitted to use NAT.


Ensure that the ip nat inside and ip nat outside commands are assigned to the correct interfaces. Check the ACL configured for NAT and make sure the inverse mask is correct.

For more information, refer to Verifying NAT Operation and Basic NAT Troubleshooting.

Another situation in which NAT would not work is if IP Routing is disabled globally.  If this is the case, you can turn up IP Routing with the ip routing global (default) command.

What Can You Not Ping

Cannot ping beyond the NAT router

Cannot ping NAT global address



This Document

Related Content