NAT issue: traffic entering/leaving same interface not NATed

mwasserott · ‎12-14-2006

Network setup: 1 Cisco 2600 router with a serial0/0 and fastethernet0/0 interface. The serial is connected to the ISP (me) and the faste connects the LAN. Serial0/0 has a public IP and is a NAT outside interface, while faste0/0 is a private IP and a NAT inside interface. Both static and overloading NAT are in use. The static NAT is to allow access to the web server and the PAT is for local users to access the internet.

Issue: Local users attached to the faste0/0 interface are not able to connect to the web server using the inside-global IP.

attrgautam · ‎12-14-2006

Since you come in and leave out from the same interface, Natting will not happen for this traffic. For this you may need to perform NAT on stick to perform the natting.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml

This link should help you

mwasserott · ‎12-15-2006

Thank you. That is what I am thinking, that I would need another layer 3 interface so that an actual inside-outside or outside-inside traversal occurred. In this case, it is inside-inside.

rajinikanth · ‎12-14-2006

Hi,

Please try to change ur access-list 1 to deny the ip address that are defined in static natting.

The problem is ur dynamic natting is overtaking ur static natting statements.

Check the link

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_q_and_a_item09186a00800e523b.shtml#qa17

Hope this helps

Thanks

Raj

mwasserott · ‎12-15-2006

Thanks for the tip I will check on that.