Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
442
Views
0
Helpful
5
Replies

NAT not working

clevett
Level 1
Level 1

‎11-11-2002 02:33 AM - edited ‎03-02-2019 02:47 AM

This is my first post so I hope I give you all enough information .....

I have a client that has a 1603 router connected via ISDN with NAT translating to 2 internal servers. Everything works perfectly. They have installed a faster link and were given a 1710 router to configure. Both routers are connected to the same hub. I am attempting to recreate the translations on the new router but cannot even get a basic SMTP test on port 25 to work on the new router. I have taken the configuration of the 1710 to it's most basic as a starting point. When I try to Telnet I get a timeout and then back to the command prompt. If I run a "show ip nat translations" when I am doing this I can see the translations listed in the table but it doesn't connect.

Is there any reason why both routers cannot be running together for a testing period or is it more than I have a configuration issue on my new router. I have inclued a "show running-config" on the new router:

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname *****

!

enable password *****

!

memory-size iomem 25

ip subnet-zero

!

!

no ip domain-lookup

!

ip audit notify log

ip audit po max-events 100

ip ssh timeout 120

ip ssh authentication-retries 3

!

!

!

!

interface Ethernet 0

description connected to Internet

ip address x.x.x.x 255.255.255.252

ip nat outside

half duplex

!

interface FastEthernet 0

description connected to

ip address 192.168.0.15 255.255.255.0

ip nat inside

speed auto

!

router rip

version 2

passive-interface Ethernet 0

network 192.168.0.0

no auto-summary

!

ip nat pool xxxx-natpool-1 x.x.x.x x.x.x.x netmask 255.255.255.248

ip nat inside source list 1 pool xxxx-natpool-1 overload

ip nat inside source static tcp 192.168.0.2 25 x.x.x.x 25 extendable

ip classless

ip route 0.0.0.0 0.0.0.0 Ethernet 0

no ip http server

ip pim bi-dir enable

!

access-list 1 permit 192.168.0.0 0.0.0.255

(dialer-list 1 protocl ip permit) I added this line as it was in the 1603 router

!

line con 0

exec-timeout 0 0

password *****

login

line aux 0

line vty 0 4

password *****

login

!

no scheduler allocate

end

I hope there is enough information to go on and let me know if you need any more.

Thanks in advance

Labels:
0 Helpful
5 Replies 5

lgijssel
Level 9
Level 9

‎11-11-2002 05:00 AM

Did you connect both routers in parallel?

In this case your IP adresses may overlap on either in- or outside, or both.

The feature you need should be working without modifications when you switch from a 1600 to a 1700 series router.

0 Helpful

clevett
Level 1
Level 1
In response to lgijssel

‎11-11-2002 01:35 PM

Thanks for the input. The routers are both active and running but have different IP addresses for both interenal and external addresses. Everything is running through the 1603 router until I can get the 1710 working as it should, then I will migrate the domain across to the new IP addresses and decomission the 1603 router.

I will be going to site to run a debug on "ip nat" to see if I can get anymore information as to where my sessions are going.

0 Helpful

clevett
Level 1
Level 1

‎11-11-2002 03:11 PM

Debug output from "debug ip nat" as follows:

3d19h: NAT: s=y.y.y.y, d=x.x.x.x -> 192.168.0.2 [2931]

3d19h: NAT: s=y.y.y.y, d=x.x.x.x -> 192.168.0.2 [2935]

3d19h: NAT: s=y.y.y.y, d=x.x.x.x -> 192.168.0.2 [2937]

3d20h: NAT: expiring y.y.y.y (x.x.x.x) tcp 25 (25)

From this I gather that the router is sending through to 192.168.0.2 correctly but not recieving a response back. The server is a Windows 2000 server and I have tried changing the default gateway on it but it doesn't seem to make a difference (although I didn't do a full shutdown and restart as 2000 should handle the change in default gateway).

Any other comments ?

0 Helpful

mklaphek
Level 1
Level 1

‎11-12-2002 10:35 AM

Are you sure that your server isn't receiving the information from your 1700 router and sending it out on the 1600 router? What's the default gateway of the server that's listening on port 25?

0 Helpful

clevett
Level 1
Level 1
In response to mklaphek

‎11-18-2002 04:00 PM

Solved .... thanks for the help. You were right I did a "show ip nat translations" on the other router and there was my traffic. The default gateway was sending it though. As the system was already live and running through the 1603 router I had to schedule a downtime and test it with the corect default gateways and it worked perfectly.

Thanks to both lgijssel and mklaphek for pointing me in the right direction.

Cheers

0 Helpful
Customers Also Viewed These Support Documents