Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

NAT config problem

Hi

I'm doing nat for the first time on a 6500 switch and I'm having problem with getting the configuration working and would appreciate some help.

I've got the following:

vlan 10

ip address 10.45.10.3 255.255.255.0

standby 10 10.45.10.1

ip nat inside

vlan 20

ip address 172.29.40.15 255.255.255.224

standby 20 ip 172.29.153.1

ip nat outside

access-list 110 permit ip 10.45.10.0 0.0.0.255 host 10.38.24.2

10.38.24.2 lies on the other side of the link on vlan 20.

At the moment I am unable to ping 10.38.24.2. Although if I ping from any othe rvlan outside of vlan 10 I am able to ping the server.

Please advise how I can fix this or what output you need?

Thanks

4 REPLIES

Re: NAT config problem

Why don't you just move the switchport that this host lies in to vlan 10?

Otherwise, what does your NAT statement look like?

HTH,

John

HTH, John *** Please rate all useful posts ***
New Member

Re: NAT config problem

Thanks,

I'm can't move my environment around due to other connecitons.

I forgot about the nat connection, here it is:

ip nat inside source list 110 interface Vlan20 overload

Thanks

Dan

Re: NAT config problem

Correct me if I'm wrong:

You can ping this server that's in VLAN 20, but the server is in a different subnet altogether? What type of equipment is this, and can you post all of your config? Do you have a diagram of how this is laid out?

In reality, if your server is attached to VLAN20, you shouldn't be able to get outside of that VLAN because the server wouldn't have a default gateway unless you have a router in between the server and the switch. A diagram would really help.

John

HTH, John *** Please rate all useful posts ***
Hall of Fame Super Blue

Re: NAT config problem

What result do you get if you do an extended ping with the source IP address of vlan 20 interface -

172.29.40.15

Also your HSRP address is not out of the same subnet on vlan 20 ie.

real IP - 172.29.40.15 - network 172.29.40.x

Virtual IP - 172.29.153.1

Finally - the vlan 20 interface on this switch - is it the active HSRP gateway. What about the other switch, have you applied "ip nat outside" there as well.

What does "sh ip nat translations" show on the switch ?

Jon

136
Views
0
Helpful
4
Replies
CreatePlease to create content