Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT issues

i have just configured a network for a customer to access the network.

i have configured the internet gateway router for NAT.

I can reach both inside and outside interfaces of the internet gateway router from inside the network but when i try to get to the web, can't get through and no translations occurs.

But when I do a static NAT for any particular inside address it works.

Just can't figure out where I missed it .

Need help.

Attached are the configs of my router and switch as they are connected directly to each other.

3 REPLIES
New Member

Re: NAT issues

Hi

can u please tell why this route has been added

ip route 10.0.0.0 255.0.0.0 10.1.22.1

Hall of Fame Super Silver

Re: NAT issues

Senthil

It is not my network and so I do not know for sure. But it seems fairly clear from the config that the subnet on the Gig0/0 is a /30 which only contains 2 addresses in network 10.0.0.0. And the default route points out Gig0/1. So if network 10.0.0.0 is behind Gig0/0 as seems logical then there needs to be a static route pointing 10.0.0.0/8 out Gig0/0. Without a static route for 10.0.0.0 the traffic would be forwarded using the default route out Gig0/1. If that is not right then perhaps Obiora can clarify.

If there were a dynamic routing protocol the static route would not be necessary. But no dynamic routing protocol is configured.

HTH

Rick

Hall of Fame Super Silver

Re: NAT issues

Obiora

My guess is that your problem with NAT has to do with the access list that identifies traffic. I suggest that you replace this list:

access-list 7 permit any log

with this version of the list:

access-list 7 permit 10.0.0.0 0.255.255.255 log

and while having the log parameter may be helpful during installation and testing I would suggest that you remove it before this router actually goes live. Depending on the amount of traffic being translated this could generate a very large volume of syslog records.

HTH

Rick

116
Views
0
Helpful
3
Replies