Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT to single outside address

When using dynamic NAT to a single outside address what is the correct configuration. Using the configuration below does not allow me to ping any address on the the IP NAT Outside interface. Any suggestions?

interface Ethernet0/0

description WAN port

ip address 171.16.1.1 255.255.255.128

ip nat outside

no ip route-cache

full-duplex

!

interface FastEthernet0/0

description LAN port

ip address 10.20.10.1 255.255.255.0

ip nat inside

no ip route-cache

speed auto

full-duplex

!

ip nat log translations syslog

ip nat pool ovrld 171.16.1.1 171.16.1.1 prefix-length 25

ip nat inside source list 7 pool ovrld overload

ip classless

no ip http server

!

!

access-list 7 permit 10.20.10.0 0.0.0.255

Thank You.

1 REPLY
VIP Purple

Re: NAT to single outside address

Hello,

the configuration is ok. Can you check if you have a default route pointing to your Ethernet0/0, such as this:

ip route 0.0.0.0 0.0.0.0 Ethernet0/0

If this is the case, keep in mind that when you define an Ethernet interface as next hop, the router sends an Address Resolution Protocol (ARP) request for your destination address, which the router realizes is not on this interface. The ARP entry for this address is "Incomplete," as seen by the show arp command. An encapsulation failure then occurs as the router is unable to put the packet on the wire with no ARP entry.

In order to have external connectivity, you need the next hop IP address:

ip route 0.0.0.0 0.0.0.0 X.X.X.X

where X.X.X.X is the next hop IP address...

HTH,

GP

115
Views
0
Helpful
1
Replies
CreatePlease login to create content