Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
235
Views
0
Helpful
1
Replies

8.2.5 Static NAT issue

geloangelo00
Level 1
Level 1

‎09-01-2016 05:25 AM - edited ‎03-12-2019 01:13 AM

Hi Cisco Support,

Kindly help us as one of our translated server doesn't have internet access. We can ping and access the translated server outside but no internet access from the internal side. If we remove the static nat configuration, the server can now access the internet.

Hence that our public ip address is subnet /28 which is there are a lot of subnet range.

Please see attached configuration for your review. Hope we can solve this as soonest.

global (Outside) 1 interface
global (Outside2) 1 interface
nat (Inside) 0 access-list BypassNAT
nat (Inside) 1 10.63.11.0 255.255.255.0
nat (Inside) 1 10.63.32.0 255.255.224.0
nat (Inside) 1 10.63.64.0 255.255.224.0
static (Inside,Outside) 122.55.8.250 10.63.36.6 netmask 255.255.255.255 <- remove static nat and the server can now access the internet.

Thank you and best regards!

Labels:
Preview file
19 KB
0 Helpful
1 Reply 1

Pawan Raut
Level 4
Level 4

‎09-01-2016 11:27 PM

In order to dig out the issue Could you please provide the output for below command packet-tracer from your FW when you have the static nat statement present.

packet-tracer input inside tcp 10.63.36.6 1025 1.1.1.1 443 de

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card