Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
991
Views
0
Helpful
1
Replies

I CAN NOT ACCESS THE INTERNET THROUGHOUT THE BROWSER AFTER CONFIGURING NAT

christiankidimbu1
Level 1
Level 1

‎11-11-2019 04:44 AM

Hello guys !

 

As I mentioned in the title, I configured nat with the purpose of letting a couple of hosts to access the internet but it not working. Can you please help me ?

 

Here are my config and "show ip nat translations" output


RtrPodx#show run
Building configuration...


Current configuration : 3075 bytes
!
! Last configuration change at 11:13:17 UTC Mon Nov 11 2019
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname RtrPodx
!
boot-start-marker
boot-end-marker
!
!
! card type command needed for slot/vwic-slot 0/1
enable secret 5 $1$7mQS$VSe6tAoZVeSQDNNrwbZQv0
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 172.25.140.1 172.25.140.10
ip dhcp excluded-address 172.35.140.1 172.35.140.10
ip dhcp excluded-address 192.168.15.1 192.168.15.30
!
ip dhcp pool Data
network 172.25.140.0 255.255.255.0
default-router 172.25.140.1
option 150 ip 172.25.140.1
!
ip dhcp pool Voice
network 172.35.140.0 255.255.255.0
default-router 172.35.140.1
!
ip dhcp pool VirtualServers
network 192.168.15.0 255.255.255.0
default-router 192.168.15.1
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
vxml logging-tag
license udi pid CISCO2911/K9 sn FJC2013A1CB
license boot module c2900 technology-package datak9
hw-module pvdm 0/0
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.25
description Data VLAN
encapsulation dot1Q 25
ip address 172.25.140.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.35
description Voice VLAN
encapsulation dot1Q 35
ip address 172.35.140.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.40
description VirtualServers VLAN
encapsulation dot1Q 40
ip address 192.168.15.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
ip address 95.128.17.114 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat pool test 95.128.17.114 95.128.17.119 prefix-length 29
ip nat inside source list 7 pool test
ip nat inside source static 172.25.140.11 95.128.17.115
!
ipv6 ioam timestamp
!
!
!
control-plane
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
!
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 120 0
password 7 106D000A0618324047557878
logging synchronous
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password 7 106D000A0618324047557878
login
transport input none
line vty 5 15
password 7 106D000A0618324047557878
login
transport input none
!
scheduler allocate 20000 1000
!
end

RtrPodx#

RtrPodx#show ip nat translations
Pro Inside global Inside local Outside local Outside global
udp 95.128.17.115:1434 172.25.140.11:1434 146.88.240.4:46920 146.88.240.4:46920
tcp 95.128.17.115:3305 172.25.140.11:3305 185.153.199.2:54742 185.153.199.2:54742
tcp 95.128.17.115:8877 172.25.140.11:8877 185.153.197.116:41401 185.153.197.116:41401
tcp 95.128.17.115:9901 172.25.140.11:9901 45.136.111.65:58935 45.136.111.65:58935
tcp 95.128.17.115:10003 172.25.140.11:10003 45.136.111.65:58935 45.136.111.65:58935
tcp 95.128.17.115:11771 172.25.140.11:11771 185.176.27.2:8080 185.176.27.2:8080
tcp 95.128.17.115:11929 172.25.140.11:11929 185.176.27.2:8080 185.176.27.2:8080
tcp 95.128.17.115:33804 172.25.140.11:33804 185.175.93.105:52337 185.175.93.105:52337
tcp 95.128.17.115:33887 172.25.140.11:33887 185.153.197.116:41401 185.153.197.116:41401
tcp 95.128.17.115:35100 172.25.140.11:35100 185.143.223.116:58715 185.143.223.116:58715
tcp 95.128.17.115:35291 172.25.140.11:35291 185.143.223.116:58715 185.143.223.116:58715
tcp 95.128.17.115:47487 172.25.140.11:47487 92.119.160.106:58258 92.119.160.106:58258
Pro Inside global Inside local Outside local Outside global
tcp 95.128.17.115:47491 172.25.140.11:47491 92.119.160.106:58258 92.119.160.106:58258
tcp 95.128.17.115:62260 172.25.140.11:62260 81.22.45.65:45579 81.22.45.65:45579
tcp 95.128.17.115:63300 172.25.140.11:63300 92.119.160.107:45682 92.119.160.107:45682
--- 95.128.17.115 172.25.140.11 --- ---
RtrPodx#

 

Thanks in advance.

 

Christian

 

Labels:
0 Helpful
1 Reply 1

christiankidimbu1
Level 1
Level 1

‎11-11-2019 04:50 AM

I forgot to add this :
IP NAT debugging is on
RtrPodx#
*Nov 11 12:14:13.102: NAT: expiring 95.128.17.115 (172.25.140.11) tcp 10649 (10649)
RtrPodx#
*Nov 11 12:14:15.326: NAT*: s=45.136.111.65, d=95.128.17.115->172.25.140.11 [51829]
*Nov 11 12:14:15.954: NAT*: s=185.209.0.89, d=95.128.17.115->172.25.140.11 [65381]
RtrPodx#
*Nov 11 12:14:18.762: NAT*: s=185.176.27.242, d=95.128.17.115->172.25.140.11 [48747]
*Nov 11 12:14:19.406: NAT*: s=45.136.110.45, d=95.128.17.115->172.25.140.11 [1592]
RtrPodx#
*Nov 11 12:14:21.098: NAT*: s=81.22.45.65, d=95.128.17.115->172.25.140.11 [56859]
*Nov 11 12:14:21.234: NAT*: s=185.176.27.242, d=95.128.17.115->172.25.140.11 [14336]
*Nov 11 12:14:21.762: NAT*: s=185.176.27.242, d=95.128.17.115->172.25.140.11 [48747]
RtrPodx#
*Nov 11 12:14:24.218: NAT*: s=185.153.197.116, d=95.128.17.115->172.25.140.11 [59611]
*Nov 11 12:14:24.954: NAT*: s=185.209.0.89, d=95.128.17.115->172.25.140.11 [65381]
RtrPodx#
*Nov 11 12:14:27.438: NAT: expiring 95.128.17.115 (172.25.140.11) tcp 4986 (4986)
*Nov 11 12:14:27.762: NAT*: s=185.176.27.242, d=95.128.17.115->172.25.140.11 [48747]
RtrPodx#
*Nov 11 12:14:28.462: NAT: expiring 95.128.17.115 (172.25.140.11) tcp 22224 (22224)
RtrPodx#
*Nov 11 12:14:30.458: NAT*: s=185.176.27.242, d=95.128.17.115->172.25.140.11 [18579]
*Nov 11 12:14:30.510: NAT: expiring 95.128.17.115 (172.25.140.11) tcp 5669 (5669)
*Nov 11 12:14:30.878: NAT*: s=185.176.27.2, d=95.128.17.115->172.25.140.11 [57541]
RtrPodx#
*Nov 11 12:14:34.606: NAT: expiring 95.128.17.115 (172.25.140.11) tcp 61323 (61323)
RtrPodx#
*Nov 11 12:14:35.718: NAT*: s=185.143.223.116, d=95.128.17.115->172.25.140.11 [64140]
RtrPodx#
*Nov 11 12:14:36.762: NAT*: s=185.176.27.242, d=95.128.17.115->172.25.140.11 [48747]
RtrPodx#no debug ip nat
*Nov 11 12:14:40.238: NAT: expiring 95.128.17.115 (172.25.140.11) tcp 61180 (61180)
*Nov 11 12:14:40.406: NAT*: s=45.136.110.45, d=95.128.17.115->172.25.140.11 [1592]
RtrPodx#no debug ip nat
IP NAT debugging is off
RtrPodx#
0 Helpful
Customers Also Viewed These Support Documents