Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAT Translations from two FastEthernet ports to outside

I have a customer who is using two FastEthernets with VLSM in RIP 2 environment with same ip address space.

The first FE uses a 192.168.1.0/25 and the FE0/1 uses a 192.168.1.128/26. The first FE nats just fine through the router. The second coming through a switch using dot1q trunk interfaces does not nat. I have checked and re-checked the config and the voice routes just fine, however data traffic will not resolve an address from DHCP to go out and grab a nat. Anyone have some direction on this?

3 REPLIES
Silver

Re: NAT Translations from two FastEthernet ports to outside

When you use the NAT router feature on a Catalyst 6500 with Supervisor Engine 1/2 and MSFC/MSFC2, packets that traverse the NAT outside interface can (in certain configurations) undergo software routing instead of Layer 3 (L3) switching. The software routing can occur regardless of whether the packets require translation. For packets that traverse the NAT outside interface, the redirection to MSFC for software routing should occur for only those packets that require NAT. Cisco IOS Software only translates traffic that traverses from NAT inside interfaces to NAT outside interfaces. Create the access control list (ACL) for use with NAT to be more specific. Have the ACL limit the software-handled packets to only those packets that require NAT translation. For example, if you use a general ACL, such as permit ip any any, to specify the traffic that requires NAT, all traffic inbound or outbound on the NAT outside interface is software routed. Traffic that does not originate in the NAT inside interfaces or have the NAT inside interfaces as a destination is also software routed. If you use a more specific ACL, such as permit ip 192.168.1.0 0.0.0.255 any, only the NAT outside traffic that matches the ACL is software routed.

Silver

Re: NAT Translations from two FastEthernet ports to outside

Can you please post your configuration?

New Member

Re: NAT Translations from two FastEthernet ports to outside

I have resolved this issue, I figured out why the DHCP to NAT translations were not working. It appears that when I split the IP Address off the DHCP network the server wasn't reconfigured to accept the second subnet. I also had a wrong Native VLAN attached to the interface of the switch. this prohibited traffic from forwarding correctly to the server and other entities.

105
Views
0
Helpful
3
Replies