Private IP range configured is 192.168.1.x/24 & public IPs assigned /29.
Public Ip range :- 188.8.131.52 to 184.108.40.206 (for example)
Natting is configured as :-
ip nat inside source list for_nat int loopback0 overload
ip access-list extended for_nat
permit ip 192.168.1.0 0.0.0.255 any
The problem is that in this situation sometimes some of the private IPs will not be able to go outside for some time suddenly.For e.g suddenly ip 192.168.1.2 will not be able to go outside but at the same time other all ips will be able to browse.But if i clear nat translations then the ips which were not able to go outside now they will able to browse.
can anyone tell me if its a IOS problem? should I need to upgrade IOS of router or its something else?
I am thinking of doing nat on a pool of public IPs instaed of int ip (loopback 0)
But my concern is that will that solve the problem?
One more question is that currently 6 public Ips are assigned in router as:-
ip add 220.127.116.11 255.255.255.248
out of which first 3 Ips form 1.1 to 1.3 are used for port tunneling.So my concern is that can I create pool of rest of 3 public IPs (1.4 to 1.6)out of above 6 Ips assigned to loopback0 & do overload on this pool as:-
ip nat pool NAT 18.104.22.168 22.214.171.124 prefix-length 29
ip nat inside source list for_nat pool NAT overload
Thank you very much for your help.I will try the above mentioned command by you.
But I have 2 questions here:-
1.Do I need to upgrade IOS ?
2.If i create a nat pool of 3 public IPs & doing nat on that pool,why everytime only 1 IP out of that pool is used for natting to all private IPs ?
Is there any way to configure the NAt in such a way that all the IPs in that NAT pool will be used at the same time ? Because though I create a poool of IPs for natting,it will take any one of IP randomly out of pool & natting for all private IPs will be done on that single IP only.
This is just my question.Might be I wrongly understood NAT concept.
2. The reason is that you are using 'overload'. The router will keep using that one address until it reaches a point where it is not able to allocate any more ports from the address, at which point it will move to the next one. In reality, that possibility is quite unlikely.
Now the issue is fixed but the unfortunate thing is that i couldn;t diagnose the root cause.I just replaced Cisco 1712 with another 1712 & that fixed the issue.It might be problem with IOS or hardware itself.
anyway thank you very much for your help.I appreciate your help.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.