Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
438
Views
0
Helpful
3
Replies

NAT & DHCP on C1760 with switch/InterVLAN routing

taidetech
Level 1
Level 1

‎12-20-2005 01:12 AM - edited ‎03-03-2019 01:11 AM

Hello,

trying to achieve following (see also Connection diagram.txt attachment):

There is satellite link, which goes to receiver.

Receiver is connected to Cisco 1760 router via switch. From router on serial interface there is one way outgoing satellite link.

On switch between receiver and router resides customers with public and private IP addresses, which can access Internet. Here I do not have problems, using DHCP for assigning private and NAT on stick, everything just works.

Problem is too achieve NAT working on switch (WIC-4ESW), which is inserted into Cisco1760.

Most important that other DHCP pool should be assigned here, we need to use other NAT pool (to split public IP assigned).

DHCP started to work, NAT is working only one way - from private to public IP address.

When reply comes to public IP which should be translated again, it does not.

I see that packets come on VLAN40 interface (see also configuration file of router), but do not see translation happening.

Right now in configuration NAT for VLAN40 is done using NAT on stick.

I also have tried plain NAT (using serial0/0 as NAT outside, no policy route on VLAN40) - result is same.

May be tried to achieve is practically not possible?

Thanks!

Labels:
Preview file
3 KB
Preview file
1 KB
0 Helpful
3 Replies 3

Georg Pauwen
VIP
VIP

‎12-20-2005 02:28 AM

Hello,

looking at the configuration of your router, I do not see access list 110, which should be matched in your route map:

access-list 10 permit 192.168.200.0 0.0.0.255

access-list 11 permit 192.168.100.0 0.0.0.255

access-list 100 permit ip any 193.100.100.0 0.0.0.3

access-list 100 permit ip 192.168.200.0 0.0.0.255 any

!

route-map NAT_Internet permit 10

match ip address 110

set ip next-hop 192.168.1.2

Can you check if this is a typo ?

Regards,

GP

0 Helpful

taidetech
Level 1
Level 1
In response to Georg Pauwen

‎12-20-2005 04:17 AM

Yes, it is just typo in text file attached, it should be (and there is in real config):

access-list 110 permit ip any 193.200.200.244 0.0.0.3

access-list 110 permit ip 192.168.100.0 0.0.0.255 any

Was deleting too much before sending file.

Regards, Rytis

0 Helpful

taidetech
Level 1
Level 1
In response to taidetech

‎12-20-2005 04:21 AM

Typo again, should be as in attachment (you would found more mistakes).

Preview file
3 KB
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents