Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Nat in multiple interface scenerio and different network

I have 2811 router at my HO on which 2 mpls link is terminated giving connectivity to client location and 1 internet link is also terminated in the same router. So in all there are four interface including 1 Lan interface.

I had configured the nating in my router which works fine for my local netowrk but the uers from the client locations are unable to connect to internet. I am unable to fine what is the issue.  I am attaching my running config for your refrence

please help its urgent

Thanks in Advance

1 REPLY
Bronze

Re: Nat in multiple interface scenerio and different network

Hi.

i'm assuming your client network is 10.2.8.0 (from the route on that client lan)?

in that case, your nat statement has:

ip nat inside source list LanPermit interface FastEthernet0/1/0 overload

so you are only natting traffic matching LanPermit acl.

this acl has:

ip access-list extended LanPermit
permit ip object-group Supreme any
deny   ip any any log-input

so you are only allowing to nat traffic coming from Supreme object-group going anywhere.

the object-group has:

object-group network Supreme
host 10.2.0.9
host 10.2.0.6
host 10.1.0.6
host 10.1.0.9
host 10.3.0.6
host 10.3.0.9
host 10.3.0.5
host 10.3.0.4
host 10.3.0.8
host 4.4.4.2
host 4.4.4.1

So basically only the hosts in the above object-group are allowed to be NATed, the rest as they don't match the LanPermit acl used by nat will not be Nated. and that explains why your client hosts fail when going to the internet as they are not NATed.

if i'm mistaken about the client location network(s), please indicate the addresses, and over which interface name does it come over.

Regards,

Fadi.

203
Views
0
Helpful
1
Replies
CreatePlease login to create content