Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
803
Views
0
Helpful
8
Replies

NAT in 2650s

mukundh86
Level 1
Level 1

‎02-20-2012 04:21 PM - edited ‎03-04-2019 03:21 PM

Hello all,

I have the following configs for NAT in a Cisco2650XM:

ip nat inside source route-map nonat interface Serial0/0 overload

route-map nonat permit 10

match ip address nonat

ip access-list extended nonat

permit 192.168.85.0 0.0.0.255 any

interface FastEthernet0/0

ip address 192.168.85.1 255.255.255.0

ip nat inside

int ser0/0

ip address 1.1.1.1 255.255.255.0

ip nat outside

When i do "ping 4.2.2.2 source fa0/0", it is not successful.

The same configs are  applied  on a Cisco IAD 2431 nd the pings are successful.

Any reason as to why this difference is there?

Thanks

Mukundh

Labels:
0 Helpful
8 Replies 8

johnlloyd_13
Level 9
Level 9

‎02-20-2012 07:11 PM

hi mukundh,

have you configured a static default route on your 2650?

please post full config and topology map.

0 Helpful

mukundh86
Level 1
Level 1
In response to johnlloyd_13

‎02-20-2012 07:23 PM

Hi John

I dont have access to the router now. But apart from the configs I stated, the only other important line I could think about is the static default route as follows:

ip route 0.0.0.0 0.0.0.0 1.1.1.2

There are no other static routes or dynamic routing involved.

Thanks

Mukundh

0 Helpful

johnlloyd_13
Level 9
Level 9
In response to mukundh86

‎02-20-2012 07:29 PM

ok. is this a lab set up?

were you able to ping 1.1.1.2 from this router?

0 Helpful

mukundh86
Level 1
Level 1
In response to johnlloyd_13

‎02-20-2012 07:34 PM

Yes, it is a lba setup

I was able to ping 1.1.1.2 when i just enter "ping 1.1.1.2" in global mode but when i enter " ping 1.1.1.2 source fa0/0" there is no success.

0 Helpful

johnlloyd_13
Level 9
Level 9
In response to mukundh86

‎02-20-2012 07:44 PM

ok gotcha but i still need to see your full config and topology diagram.

make sure your 2650 FE0/0 is up/up.

also, kindly re-configure NAT and try again:

2650XM(config)#ip nat inside source list nonat interface serial 0/0 overload

0 Helpful

jas2061461
Level 1
Level 1

‎02-20-2012 08:45 PM

  • Trying using "ping 1.1.1.2 source 192.168.85.1".
  • Use "show ip nat translations" to verify that it was translated.
  • If this does not work, simply your configuration in all ways.
  • First, take out the route-map; just use the ACL.
  • Try "ip route 0.0.0.0 0.0.0.0 serial 0/0".
  • I am assuming this is a GNS3 lab.  If this is an actual setup, you may want to set serial0/0 to "ip address DHCP".
  • If it is a GNS3 lab, make sure you can ping 4.2.2.2 before you use NAT.
  • Always make sure there is a route back to the source.

This should help a bit.  Good luck!

0 Helpful

ebarticel
Level 4
Level 4

‎02-21-2012 04:03 PM

You need to apply the policy map to fastethernet interface

ip policy route-map nonat

Hope this helps

Eugen

0 Helpful

mukundh86
Level 1
Level 1
In response to ebarticel

‎02-21-2012 07:27 PM

Hi all,

There seems to be an IOS related bug. For some IOSes in 2650s natting for the ip address of fastethernet interface or LAN  interface doesnot take place.

Thanks all for your help!!!!

Mkundh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card