Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2096
Views
0
Helpful
16
Replies

Problem with ip nat inside source static

marianares0001
Level 1
Level 1

‎05-07-2012 01:10 PM - edited ‎03-04-2019 04:17 PM

Hi,

I need to open a port in a Cisco 2911 router to permit the conexion to an equipment that is inside the LAN, but I my configuration doesn't workt.

I have 3 interfaces configured: two WAN interfaces (one is a backup of the other) and a LAN interface. The configuration is this (public IPs are changed):

track 1 ip sla 1 reachability

!

!

interface GigabitEthernet0/0

description backup

ip address 176.55.25.25 255.255.255.252

ip nat outside

ip virtual-reassembly in

load-interval 30

duplex auto

speed auto

!

interface GigabitEthernet0/1

description primary

ip address 192.168.2.2 255.255.255.252

ip nat outside

ip virtual-reassembly in

load-interval 30

duplex auto

speed auto

!

!

interface Vlan1

description LAN segment

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

load-interval 30

!

ip forward-protocol nd

!

ip nat inside source route-map backup interface GigabitEthernet0/0 overload

ip nat inside source route-map primary interface GigabitEthernet0/1 overload

ip nat inside source static udp 192.168.1.3 6000 176.55.25.25 5995 extendable

ip route 0.0.0.0 0.0.0.0 192.168.2.1 track 1

ip route 0.0.0.0 0.0.0.0 176.55.25.26 254

!

ip sla 1

icmp-echo 95.110.100.100

threshold 2

timeout 4000

frequency 10

ip sla schedule 1 life forever start-time now

access-list 5 permit any

!

!

route-map backup permit 10

match ip address 5

match interface GigabitEthernet0/0

!

route-map primary permit 10

match ip address 5

match interface GigabitEthernet0/1

!

track 1 ip sla 1 reachability

!

I would appreciate if somebody could help me to find what is wrong in this configuration.

Thanks in advance

Labels:
0 Helpful
16 Replies 16

marianares0001
Level 1
Level 1
In response to Julio Carvajal

‎05-22-2012 10:16 AM

I'm sorry for not answering before. I couldn't debug because with some of the changes I lost the remote connection.

In the next days I will be able to continue testing.

Thanks to all for your help!

0 Helpful

marianares0001
Level 1
Level 1
In response to marianares0001

‎06-05-2012 07:10 AM

I am working to try to solve this problem again. Now I am trying to open Telnet port for that equipment. But, when I do:

Debug IP nat

Nothing regarding to nat is shown in the log.

When I do: show ip nat traslations there are no "Outside local" and "Outside global" for my command. Only:

 

tcp 176.52.162.14:5995 192.168.1.3:23

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card