Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
973
Views
5
Helpful
4
Replies

Cisco 1010 BV11 - Created sub vlan#2 as GUEST

Said Al Salmi
Level 1
Level 1

‎02-23-2023 09:50 AM

I'm getting the IP address of the new Vlan but am not able to browse the internet! no connection. 

I think the issue is with the access list and NAT but I'm not able to spot it. 

New VLAN  2 was added under - ethernet 1/2 as a subinterface. 

please advise with steps --- 

thank you 

4 Replies 4

Rob Ingram
VIP
VIP

‎02-23-2023 10:11 AM - edited ‎02-23-2023 10:12 AM

@Said Al Salmi Provide screenshots of what you've configured.

Is DHCP configured and do computers get an IP address in VLAN2? Do the computers have a DNS server to resolve hostnames?

From the CLI run "show nat detail" and provide the output.

0 Helpful

Said Al Salmi
Level 1
Level 1
In response to Rob Ingram

‎02-24-2023 04:07 AM - edited ‎02-24-2023 04:08 AM

 

 

Please find the details - 

Yes, I can get the IP address from VLAN2. For the DNS I have enabled the firewall (Vlan2) as DNS provider. please see the attached photos. 

> show nat detail
Manual NAT Policies (Section 1)
1 (inside_8) to (outside) source dynamic any-ipv4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24
2 (inside_7) to (outside) source dynamic any-ipv4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24
3 (inside_6) to (outside) source dynamic any-ipv4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24
4 (inside_5) to (outside) source dynamic any-ipv4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24
5 (inside_4) to (outside) source dynamic any-ipv4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24
6 (inside_3) to (outside) source dynamic any-ipv4 interface
translate_hits = 4403, untranslate_hits = 3
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24
7 (inside_2) to (outside) source dynamic any-ipv4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24
8 (guest-wifi) to (outside) source dynamic any-ipv4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 0.0.0.0/0, Translated: 192.168.100.4/24

Auto NAT Policies (Section 2)
1 (nlp_int_tap) to (inside_8) source static nlp_server_0_http_intf10 interface service tcp https https
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: https Mapped: https
2 (nlp_int_tap) to (inside_2) source static nlp_server_0_http_intf3 interface s ervice tcp https https
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: https Mapped: https
3 (nlp_int_tap) to (inside_3) source static nlp_server_0_http_intf5 interface s ervice tcp https https
translate_hits = 0, untranslate_hits = 447
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: https Mapped: https
4 (nlp_int_tap) to (inside_4) source static nlp_server_0_http_intf6 interface s ervice tcp https https
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: https Mapped: https
5 (nlp_int_tap) to (inside_5) source static nlp_server_0_http_intf7 interface s ervice tcp https https
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: https Mapped: https
6 (nlp_int_tap) to (inside_6) source static nlp_server_0_http_intf8 interface s ervice tcp https https
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: https Mapped: https
7 (nlp_int_tap) to (inside_7) source static nlp_server_0_http_intf9 interface s ervice tcp https https
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: https Mapped: https
8 (nlp_int_tap) to (inside_8) source static nlp_server_0_ssh_intf10 interface s ervice tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: ssh Mapped: ssh
9 (nlp_int_tap) to (inside_2) source static nlp_server_0_ssh_intf3 interface se rvice tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: ssh Mapped: ssh
10 (nlp_int_tap) to (inside_3) source static nlp_server_0_ssh_intf5 interface s ervice tcp ssh ssh
translate_hits = 0, untranslate_hits = 1
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: ssh Mapped: ssh
11 (nlp_int_tap) to (inside_4) source static nlp_server_0_ssh_intf6 interface s ervice tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: ssh Mapped: ssh
12 (nlp_int_tap) to (inside_5) source static nlp_server_0_ssh_intf7 interface s ervice tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: ssh Mapped: ssh
13 (nlp_int_tap) to (inside_6) source static nlp_server_0_ssh_intf8 interface s ervice tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: ssh Mapped: ssh
14 (nlp_int_tap) to (inside_7) source static nlp_server_0_ssh_intf9 interface s ervice tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
Service - Protocol: tcp Real: ssh Mapped: ssh
15 (nlp_int_tap) to (inside_8) source static nlp_server_0_ssh_ipv6_intf10 interf ace ipv6 service tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
Service - Protocol: tcp Real: ssh Mapped: ssh
16 (nlp_int_tap) to (inside_2) source static nlp_server_0_ssh_ipv6_intf3 interfa ce ipv6 service tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
Service - Protocol: tcp Real: ssh Mapped: ssh
17 (nlp_int_tap) to (inside_3) source static nlp_server_0_ssh_ipv6_intf5 interfa ce ipv6 service tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
Service - Protocol: tcp Real: ssh Mapped: ssh
18 (nlp_int_tap) to (inside_4) source static nlp_server_0_ssh_ipv6_intf6 interfa ce ipv6 service tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
Service - Protocol: tcp Real: ssh Mapped: ssh
19 (nlp_int_tap) to (inside_5) source static nlp_server_0_ssh_ipv6_intf7 interfa ce ipv6 service tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
Service - Protocol: tcp Real: ssh Mapped: ssh
20 (nlp_int_tap) to (inside_6) source static nlp_server_0_ssh_ipv6_intf8 interfa ce ipv6 service tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
Service - Protocol: tcp Real: ssh Mapped: ssh
21 (nlp_int_tap) to (inside_7) source static nlp_server_0_ssh_ipv6_intf9 interfa ce ipv6 service tcp ssh ssh
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
Service - Protocol: tcp Real: ssh Mapped: ssh
22 (nlp_int_tap) to (inside_8) source dynamic nlp_client_0_intf10 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
23 (nlp_int_tap) to (diagnostic) source dynamic nlp_client_0_intf11 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 0.0.0.0/32
24 (nlp_int_tap) to (outside) source dynamic nlp_client_0_intf2 interface
translate_hits = 4515, untranslate_hits = 2
Source - Origin: 169.254.1.3/32, Translated: 192.168.100.4/24
25 (nlp_int_tap) to (inside_2) source dynamic nlp_client_0_intf3 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
26 (nlp_int_tap) to (guest-wifi) source dynamic nlp_client_0_intf4 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.205.155.1/24
27 (nlp_int_tap) to (inside_3) source dynamic nlp_client_0_intf5 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
28 (nlp_int_tap) to (inside_4) source dynamic nlp_client_0_intf6 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
29 (nlp_int_tap) to (inside_5) source dynamic nlp_client_0_intf7 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
30 (nlp_int_tap) to (inside_6) source dynamic nlp_client_0_intf8 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
31 (nlp_int_tap) to (inside_7) source dynamic nlp_client_0_intf9 interface
translate_hits = 0, untranslate_hits = 0
Source - Origin: 169.254.1.3/32, Translated: 10.206.167.1/24
32 (nlp_int_tap) to (inside_8) source dynamic nlp_client_0_ipv6_intf10 interface ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
33 (nlp_int_tap) to (diagnostic) source dynamic nlp_client_0_ipv6_intf11 interfa ce ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
34 (nlp_int_tap) to (outside) source dynamic nlp_client_0_ipv6_intf2 interface i pv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated: 2001:1670:10:7b39:7abc:1aff: fe71:6d5e/128
35 (nlp_int_tap) to (inside_2) source dynamic nlp_client_0_ipv6_intf3 interface ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
36 (nlp_int_tap) to (guest-wifi) source dynamic nlp_client_0_ipv6_intf4 interfac e ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
37 (nlp_int_tap) to (inside_3) source dynamic nlp_client_0_ipv6_intf5 interface ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
38 (nlp_int_tap) to (inside_4) source dynamic nlp_client_0_ipv6_intf6 interface ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
39 (nlp_int_tap) to (inside_5) source dynamic nlp_client_0_ipv6_intf7 interface ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
40 (nlp_int_tap) to (inside_6) source dynamic nlp_client_0_ipv6_intf8 interface ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:
41 (nlp_int_tap) to (inside_7) source dynamic nlp_client_0_ipv6_intf9 interface ipv6
translate_hits = 0, untranslate_hits = 0
Source - Origin: fd00:0:0:1::3/128, Translated:

Preview file
23 KB
Preview file
13 KB
Preview file
149 KB
Preview file
189 KB
0 Helpful

Said Al Salmi
Level 1
Level 1
In response to Rob Ingram

‎02-25-2023 04:58 AM - edited ‎02-25-2023 05:46 AM

I think I resolved the issue it was NAT and Access list -- --------------

----------------------------------------------

I need to forward one port 

DSM_OBJ - 10.200.222.130 port 1194 

NAS IP: 10.200.200.222.130 

NAS PORT: 1194 

I need forward the port through the firewall 

 

 

Preview file
289 KB
Preview file
133 KB
0 Helpful

Said Al Salmi
Level 1
Level 1
In response to Said Al Salmi

‎02-25-2023 09:36 PM - edited ‎02-26-2023 12:56 AM

Anyone would support the request? Please. The port is used to run an open VPN through NAS server —

Preview file
145 KB
Preview file
230 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card