03-28-2002 03:27 AM - edited 03-01-2019 09:03 PM
I have a 2611 router which I use for internet connection. I have 4 administratively up interfaces. Ian using NAT inside for the three inside interfaces and and NAT outside for the Internet connection interface. I have a pool of 4 legal ip addresses which I overload with about 100 illegal internal IP addresses. Once i permit these illegal ip addresses access I get connection to the internet. After some hours this translation no longer takes effect. I try to clear the translation and restart my internet nothing happens and the translations do not take effect. If I use 1-1 static NAT the internet commes back. So I dont know what is causing my dynamic Nat just to halt like that. My Nat configuration is as follows.
ethernet o/o
ip nat inside
ethernet o/1
ip nat inside
serial 0/1
ip nat inside
serial 0/0
ip nat outside
ip nat pool Internet_access X.X.X.80 X.X.X.83 prefix-length 24
ip nat inside source list 7 pool Internet_access overload
access-list 7 permit X.X.X.0 0.0.0.200
03-28-2002 07:21 AM
Have you tried just using PAT with only one IP address in the pool?. When you do a "sh ip nat tr", are there more than 4 internal addresses being translated?
RJ
03-28-2002 07:32 AM
no i havent tried the pat command and i dont know how to use it
03-28-2002 07:43 AM
Your access-list looks very strange. I don't think it would cause things to work then stop... more likely some machines would never work and some would always work. DHCP could confuse the matter.
What is the mask you use on your internal machines? If its a /24, change your access-list to:
access-list 7 permit x.x.x.0 0.0.0.255
Also, using 4 addresses in an overload is a huge waste. PAT will cycle through the first address... roughly 64000 entries before it move on to the next.
Mick.
03-28-2002 07:48 AM
Just a question
How can I specify TCP port range for global inside or global outside address?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide