Re: Configuring NAT-POOL Cisco 2501

nanohurtz · ‎06-25-2004

Configuring NAT-POOL Cisco 2501

I've inherited a network that includes a cisco 2501. One of the server ip's has changed from

192.168.0.1 to 192.168.0.2 and I need to edit the nat-pool to get emails from outside the

network. I can't figure out how to edit lines in the router.

Can someone tell me what are the specific command lines to edit an entry in the nat-pool

highlighted by the "<<<<< EDIT" marker.

Building configuration...

Current configuration:

!

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname Router

!

enable password 7 071828405A0617544742

!

ip subnet-zero

ip name-server 141.151.0.68

!

interface Ethernet0

description connected to VCF

ip address 192.168.0.6 255.255.255.128

ip helper-address 192.168.0.1 <<<<< EDIT

no ip directed-broadcast

ip nat inside

!

interface Serial0

description connected to Point-to-Point Philadelphia 11/HCGS/276573//DS

ip address 141.151.50.190 255.255.255.252

no ip directed-broadcast

ip nat outside

!

interface Serial1

description connected to bibleschool

ip address 192.168.1.1 255.255.255.252

no ip directed-broadcast

ip nat inside

!

router rip

version 2

passive-interface Serial0

network 192.168.0.0

network 192.168.1.0

no auto-summary

!

ip nat pool GWWM-natpool-1 141.151.33.13 141.151.33.14 netmask 255.255.255.240

ip nat inside source list 1 pool GWWM-natpool-1 overload

ip nat inside source static 192.168.0.112 141.151.33.3

ip nat inside source static 192.168.0.6 141.151.33.1

ip nat inside source static 192.168.0.1 141.151.33.2 <<<<< EDIT

ip nat inside source static 192.168.0.8 141.151.33.6

ip nat inside source static 192.168.0.12 141.151.33.12

ip nat inside source static 192.168.0.7 141.151.33.5

ip nat inside source static 192.168.0.14 141.151.33.7

ip nat inside source static 192.168.0.16 141.151.33.8

ip nat inside source static 192.168.0.130 141.151.33.9

ip nat inside source static 192.168.0.10 141.151.33.11

ip classless

ip forward-protocol udp 135

ip route 0.0.0.0 0.0.0.0 Serial0

!

access-list 1 permit 192.168.0.0 0.0.0.127

access-list 1 permit 192.168.1.0 0.0.0.3

access-list 1 permit 192.168.0.128 0.0.0.15

snmp-server community public RO

!

line con 0

exec-timeout 0 0

password 7 13061F07190F0C

login

transport input none

line aux 0

line vty 0 4

password 7 01100E1149080E

login

!

end

dbellazetin · ‎06-25-2004

Step by step instructions.

Router#config t

Router(config)#no ip nat inside source static 192.168.0.1 141.151.33.2

Router(config)#ip nat inside source static 192.168.0.2 141.151.33.2

Router(config)#end

Router#write memory

Verify connectivity by using e mail. In Cisco IOS for the most part you can remove commands by placing a "no" in front of it.

Hope this helps.

Dan

dbellazetin@hotmail.com

nanohurtz · ‎06-26-2004

This is *extremely* helpful I can't thank you enough. I was able to change the ip helper, but when I attempt to do the same with the NAT entries it tells me that it is in use. Now I know that 192.168.0.6 is internal router IP and there are maybe 2 other servers resolving to the xxx.xxx.33.xxx addresses. Should I shut down the servers to enable the changes?

olorunloba · ‎06-26-2004

Issue a clear ip nat translation * before removing the entry. If this does not work, (because traffic passed and was translated), remove the command ip nat inside from the inside interface, then clear ip nat translations, then remove the nat line. After this, add the ip nat inside back to the inside itnerface. This should work.