Packets not NATED and go directly via routing

MaximBudyonny · ‎04-13-2007

Hi!

Wery simple configuration but it doesn't work.

I've configured router 2811 to NAT packets from different hosts that arrive from interface fa 0/0.200 (subinterface for VLAN200) via static NAT

Packets arrive from fa 0/0.200 but NAT doesn't create entries for some of them.

This packets go directly by routing. I can see this packets in OUT access-list binded to the outbound interface

I think that the root of the issue is missconfiguration but couldn't find it.

Here is part of my config

---------------Static NAT---------------

ip nat inside source static tcp 10.0.32.93 3000 10.251.1.29 3000 extendable

ip nat inside source static tcp 10.0.32.94 3000 10.251.1.30 3000 extendable

ip nat inside source static tcp 10.0.32.125 3000 10.251.1.31 3000 extendable

------------------INBOUND INETRFACE-----------------

interface FastEthernet0/0.200

description TO-LOT-OF-INTERNAL-HOSTS-THAT-MUST-BE-NATED

encapsulation dot1Q 200

ip address 172.22.0.101 255.255.255.252

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1200

ip ospf message-digest-key 200 md5 7 XXX

ip ospf network non-broadcast

no snmp trap link-status

no cdp enable

end

---------------OUTBOUND INETRFACE---------------

interface Vlan3

description OUTSIDE-NATED-PACKETS-MUST-ENCRYPT-AND-GO-TO-REMOTE DESTINATION

ip address X.X.X.Z 255.255.255.252

ip nat outside

ip virtual-reassembly

crypto map TO-REMOTE

end

---------------ROUTING---------------

ip route 10.1.15.0 255.255.255.0 IPADDR 240 tag 333 name REMOTE-DEST

mahmoodmkl · ‎04-13-2007

Hi

And the address u have defined in u r NAT statements are different than configured on ur f0/0.200 interface.Can u tell us why u have used the address different then the source of NAT.

Thanks

Mahmood