Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT in 2650s

Hello all,

I have the following configs for NAT in a Cisco2650XM:

ip nat inside source route-map nonat interface Serial0/0 overload

route-map nonat permit 10

match ip address nonat

ip access-list extended nonat

permit 192.168.85.0 0.0.0.255 any

interface FastEthernet0/0

ip address 192.168.85.1 255.255.255.0

ip nat inside

int ser0/0

ip address 1.1.1.1 255.255.255.0

ip nat outside

When i do "ping 4.2.2.2 source fa0/0", it is not successful.

The same configs are  applied  on a Cisco IAD 2431 nd the pings are successful.

Any reason as to why this difference is there?

Thanks

Mukundh

8 REPLIES

NAT in 2650s

hi mukundh,

have you configured a static default route on your 2650?

please post full config and topology map.

New Member

NAT in 2650s

Hi John

I dont have access to the router now. But apart from the configs I stated, the only other important line I could think about is the static default route as follows:

ip route 0.0.0.0 0.0.0.0 1.1.1.2

There are no other static routes or dynamic routing involved.

Thanks

Mukundh

NAT in 2650s

ok. is this a lab set up?

were you able to ping 1.1.1.2 from this router?

New Member

NAT in 2650s

Yes, it is a lba setup

I was able to ping 1.1.1.2 when i just enter "ping 1.1.1.2" in global mode but when i enter " ping 1.1.1.2 source fa0/0" there is no success.

NAT in 2650s

ok gotcha but i still need to see your full config and topology diagram.

make sure your 2650 FE0/0 is up/up.

also, kindly re-configure NAT and try again:

2650XM(config)#ip nat inside source list nonat interface serial 0/0 overload

New Member

NAT in 2650s

  • Trying using "ping 1.1.1.2 source 192.168.85.1".
  • Use "show ip nat translations" to verify that it was translated.
  • If this does not work, simply your configuration in all ways.
  • First, take out the route-map; just use the ACL.
  • Try "ip route 0.0.0.0 0.0.0.0 serial 0/0".
  • I am assuming this is a GNS3 lab.  If this is an actual setup, you may want to set serial0/0 to "ip address DHCP".
  • If it is a GNS3 lab, make sure you can ping 4.2.2.2 before you use NAT.
  • Always make sure there is a route back to the source.

This should help a bit.  Good luck!

Bronze

NAT in 2650s

You need to apply the policy map to fastethernet interface

ip policy route-map nonat

Hope this helps

Eugen

New Member

NAT in 2650s

Hi all,

There seems to be an IOS related bug. For some IOSes in 2650s natting for the ip address of fastethernet interface or LAN  interface doesnot take place.

Thanks all for your help!!!!

Mkundh

510
Views
0
Helpful
8
Replies
CreatePlease to create content