Hi,
Do anyone can help how to troubleshoot why the static NAT setup not work ? How to issue debug ip nat on ISR4331 ?
Router A1 Config
interface GigabitEthernet0/0/0
ip address 172.25.251.30 255.255.255.224
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
negotiation auto
!
interface GigabitEthernet0/0/1
ip address 10.99.250.42 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip access-group Outside_ACL_In in
ip access-group Outside_ACL_Out out
speed 100
no negotiation auto
!
ip nat inside source static 172.25.221.83 10.146.128.43
ip nat outside source static 10.6.40.13 172.25.251.24
ip route 10.6.40.0 255.255.255.0 10.99.250.41
!
!
!
ip access-list extended Outside_ACL_In
permit ip 10.6.40.0 0.0.0.255 10.146.128.32 0.0.0.31 log
permit icmp any 10.146.128.32 0.0.0.31 log
permit icmp any host 10.99.250.42 log
deny icmp any any log
deny ip any any log
ip access-list extended Outside_ACL_Out
permit ip 10.146.128.32 0.0.0.31 10.6.40.0 0.0.0.255 log
permit icmp 10.146.128.32 0.0.0.31 any log
permit icmp host 10.99.250.42 any log
deny icmp any any log
deny ip any any log
!
!
RouterA1#sh ip nat trans
Pro Inside global Inside local Outside local Outside global
--- 10.146.128.43 172.25.221.83 --- ---
--- --- --- 172.25.251.24 10.6.40.13
Total number of translations: 2
From PC A
Z:\>ping 172.25.251.24
Pinging 172.25.251.24 with 32 bytes of data:
Reply from 172.25.251.30: bytes=32 time=1ms TTL=252
Reply from 172.25.251.30: bytes=32 time=1ms TTL=252
Reply from 172.25.251.30: bytes=32 time=1ms TTL=252
Reply from 172.25.251.30: bytes=32 time=1ms TTL=252
Ping statistics for 172.25.251.24:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
Z:\>tracert 172.25.251.24
Tracing route to 172.25.251.24 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 172.25.221.1
2 1 ms 1 ms 1 ms 172.25.251.30
3 1 ms 1 ms 1 ms 172.25.251.30
Trace complete.
Z:\>
Accepted Solutions
