I just have a question: why doesn't dynamic NAT in my PT-lab operate at all?
The design includes 2 routers connected to each other via subnet of 126.96.36.199 /25 (router interface IPs: 188.8.131.52 and 42, interfaces Fa1/0 on Router1 and Fa0/0 on Router2). 2-2 hosts are connected to each router, which hosts have the IPs of 172.20.10.2 /28, 172.20.20.2 /28, 172.20.30.2 /28 and 172.20.40.2 /28 (gateway IPs are .1s from these subnets - correctly configured on all the hosts). As I said, I'd like to make dynamic NAT work.
Configuration on the two routers are as follows:
interface FastEthernet0/0 ip address 172.20.10.1 255.255.255.240 ip nat inside duplex auto speed auto ! interface FastEthernet0/1 ip address 172.20.20.1 255.255.255.240 ip nat inside duplex auto speed auto ! interface FastEthernet1/0 ip address 184.108.40.206 255.255.255.128 ip access-group 11 out ip nat outside duplex auto speed auto
ip nat pool Test1 220.127.116.11 18.104.22.168 netmask 255.255.255.128 ip nat inside source list 11 pool Test1 ip classless ! access-list 11 permit 172.20.10.0 0.0.0.16 access-list 11 permit 172.20.20.0 0.0.0.16
interface FastEthernet0/0 ip address 22.214.171.124 255.255.255.128 ip access-group 22 out ip nat outside duplex auto speed auto ! interface FastEthernet0/1 ip address 172.20.30.1 255.255.255.240 ip nat inside duplex auto speed auto ! interface FastEthernet1/0 ip address 172.20.40.1 255.255.255.240 ip nat inside duplex auto speed auto
ip nat pool Test2 126.96.36.199 188.8.131.52 netmask 255.255.255.128 ip nat inside source list 22 pool Test2 ip classless ! access-list 22 permit 172.20.30.0 0.0.0.16 access-list 22 permit 172.20.40.0 0.0.0.16
Do you have any idea why this configuration doesn't work?
I think you need static NAT so each host is Natted to a specific IP address. because at the moment
say host 172.20.10.2 whats to communicate with host 172.20.40.2, it doesn't know address to use in the 184.108.40.206 - 10 range, so assign host 172.20.40.2 an address of 220.127.116.11, then 172.20.10.2 would then communicate with 18.104.22.168.
I corrected my configuration as you advised but it still doesn't work correctly.
This time I tried to make routers forward ICMP packets (ping) between the hosts before configuring static NAT but it didn't succeed, however, both routing tables have entries to all the subnets so I don't see the problem..
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...