Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT configuration with GNS3. How I can test config?

I have configured this test config for learning NAT:

on router. How I can test and understood work of it?

Thank you!

access-list 1 remark ACL Category=2

access-list 1 permit 10.10.2.0 0.0.0.255

interface FastEthernet0/1

ip nat outside

exit

interface FastEthernet0/0

ip nat inside

exit

ip nat inside source list 1 interface FastEthernet0/1 overload

5 REPLIES
New Member

Re: NAT configuration with GNS3. How I can test config?

debug ip nat

*Mar 1 03:30:30.703: NAT: translation failed (F), dropping packet s=10.10.2.1 d=224.0.0.10

New Member

Re: NAT configuration with GNS3. How I can test config?

the topology is:

inside-10.10.2.1--192.168.0.1-outside---

New Member

Re: NAT configuration with GNS3. How I can test config?

With GNS3, you can simply see NAT functioning by configuring a nat setup between two connected routers. The transport is your choice but I used FastEthernet for simplicity.

R0 - NAT router

int loop1

ip add 10.0.0.1 255.255.255.0

ip nat in

!

int f0/0

ip add 192.168.0.1 255.255.255.252

ip nat out

!

access-list 1 per host 10.0.0.1

ip nat inside source list 1 interface f0/0 over

end

****************

R1

Configure FastEthernet interface

int f0/0

ip add 192.168.0.2 255.255.255.252

****************

Do a source ping from the loopback on the NAT router to the IP on R1 and view nat statistics and translations to see the attempt. Here is the output:

Router#ping 192.168.0.2 source 10.0.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds:

Packet sent with a source address of 10.0.0.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/8/12 ms

Router#sh ip nat stat

Total active translations: 1 (0 static, 1 dynamic; 1 extended)

Outside interfaces:

FastEthernet0/0

Inside interfaces:

Loopback1

Hits: 9 Misses: 1

Expired translations: 0

Dynamic mappings:

-- Inside Source

[Id: 1] access-list 1 interface FastEthernet0/0 refcount 1

Router#sh ip nat trans

Pro Inside global Inside local Outside local Outside global

icmp 192.168.0.1:0 10.0.0.1:0 192.168.0.2:0 192.168.0.2:0

You can do several scenarios and this is certainly not the only way to do it. However it will get you started and takes about <5 mins to set up.

Cheers

New Member

Re: NAT configuration with GNS3. How I can test config?

What should I do to test Misses?

Hits: 9 Misses: 1

New Member

Re: NAT configuration with GNS3. How I can test config?

Good doc on basic troubleshooting:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094c32.shtml

Misses are just an indicator of a translation that isn't in the translation table. Some initiations from an outside source might not be in the translation table and therefore log a miss. The document references ICMP echo in the particular case.

2104
Views
5
Helpful
5
Replies