Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
0
Helpful
6
Replies

NAT Problems

Craig Norborg
Level 4
Level 4

‎09-23-2004 06:22 AM - edited ‎03-02-2019 06:42 PM

I know I must be missing something easy here, never had these problems with NAT before...

We have a direct connection between us and a customer of ours. They were using some IP addressing that we were using elsewhere, so we decided to NAT the small subnet they were on to IP's of our choosing on our side. However, it appears to be working, but only for 1 connection at a time. If a second telnet from our side try's to go through to their network, it stops dead. Any ideas what I have wrong?

Basic configuration below:

interface FastEthernet0/0

description Our Network

ip address 192.168.242.193 255.255.255.240

ip nat outside

!

interface FastEthernet0/1

description Customers Network

ip address 192.168.204.200 255.255.255.240

ip nat inside

!

ip nat inside source static 192.168.204.195 192.168.242.195

ip nat inside source static 192.168.204.196 192.168.242.196

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎09-23-2004 06:41 AM

Hello,

your configuration allows only the hosts with IP addresses 192.168.204.195 and 192.168.204.196 to communicate. You can better use PAT, the configuration would look like this:

interface FastEthernet0/0

description Our Network

ip address 192.168.242.193 255.255.255.240

ip nat outside

!

interface FastEthernet0/1

description Customers Network

ip address 192.168.204.200 255.255.255.240

ip nat inside

!

ip nat inside source list 1 interface FastEthernet0/0 overload

!

access-list 1 permit 192.168.204.192 0.0.0.15

Can you try and see if this works better ?

Regards,

Georg

www.solutionfinders.nl

0 Helpful

Craig Norborg
Level 4
Level 4
In response to Georg Pauwen

‎09-23-2004 06:50 AM

Well, that wouldn't work because we need to get to certain servers on our customers network (ie: 194 and 195 for now) on multiple ports. We need to be able to always know that 192.168.242.195 is always their 192.168.204.195 server. PAT would allow for multiple hosts on their network to access anywhere on our network, which is something we want to avoid actually...

0 Helpful

dbellazetin
Level 4
Level 4

‎09-23-2004 08:54 AM

Can you be a little more specific. A second telnet to the same device or to the other device? When it stops dead do you mean the first telnet session breaks and the second is not successful?

Daniel

0 Helpful

Craig Norborg
Level 4
Level 4
In response to dbellazetin

‎09-23-2004 09:53 AM

Same device. The first session still works, the second never connects. If I turn on NAT debug, I can see the first session having traffic going to/from the destination. The second connection I see traffic going to the destination, but not from...

0 Helpful

dbellazetin
Level 4
Level 4
In response to Craig Norborg

‎09-27-2004 06:05 AM

Craig,

If you are telneting to the same port that you have already established a connection then you will not get a second session to work unless the device you are connecting to supports multiple sessions because the port is already tied up.

If you see traffic going to the destination from the router than why would you think its a problem with the router? I would try to investigate why the device is not sending anything back.

If you think its a problem with NAT then why don't you try opening up two telnet sessions from the router and see if they work. This will eliminate NAT.

Daniel

0 Helpful

matityahu
Level 1
Level 1

‎09-26-2004 12:25 PM

You might want to try outside AND inside NAT:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f30.shtml

Hope this helps

Luis

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card