Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT ISSUE HELP !!

Hi ,

I have got a nat problem I believe ;I am a novice hence this query .

Ok issue is VPN client cant access internal network .Vpn Client connects ok .

Some error messages on pix console when i try and ping inside network are .

No translation group found for udp src outside:100.100.25.100/137 dst inside:100.100.1.98/137

No translation group found for udp src outside:100.100.25.100/137 dst inside:100.100.1.98/137

Network Config

Inside Network 100.100.1.XXX

OutSide Network say 40.40.204.xxx

PIX VPN INSIDE 100.100.1.4

PIX VPN OUTSIDE 40.40.204.4

default border router 40.40.204.1

access-list 90 permit ip 100.0.0.0 255.255.255.0 100.100.25.0 255.255.255.0 (hitcnt=0)

nat (inside) 0 access-list 90

Now the Inside network has a gateway to a router 100.100.1.251

whose config is

interface Ethernet0/0

ip address 100.100.1.251 255.255.255.0

ip access-group 102 in

ip nat inside

interface Ethernet0/1

ip address 40.40.204.23 255.255.255.0

ip access-group 101 in

ip nat outside

ip nat pool ovrld 40.40.204.240 40.40.204.240 netmask 255.255.255.0

ip nat inside source list 7 pool ovrld overload

ip classless

ip route 0.0.0.0 0.0.0.0 40.40204.1

ip route 100.100.0.0 255.255.0.0 100.100.1.254

!

access-list 7 permit 100.100.0.0 0.0.255.255

access-list 101 permit ip any any

access-list 102 permit icmp any any echo

access-list 102 permit ip 100.0.0.0 0.255.255.255 100.0.0.0 0.255.255.255

access-list 102 permit ip any 40.40.204.0 0.0.0.255

access-list 102 deny ip any any

Inside Pool given to road warrior using l2tp ipsec win2k client 100.100.25.10 -100.100.25.20

regards

Raj .

1 REPLY
Cisco Employee

Re: NAT ISSUE HELP !!

Hi Raj,

This log appears when a NAT and global command cannot be found for a protocol. The protocol can be TCP, UDP, or ICMP, kindly check your Statics/Globals as they maybe causing this.

Hope this helps,

Thanks and Regards,

Aamir Waheed,

Cisco Systems, Inc.

CCIE#8933

-=-=-=-

93
Views
0
Helpful
1
Replies
CreatePlease to create content