Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
0
Helpful
3
Replies

NAT Translation problems

mvelazquez
Level 1
Level 1

‎07-22-2003 03:35 PM - edited ‎03-02-2019 09:02 AM

I have this configuration :

interface FastEthernet0/0

no ip address

ip route-cache flow

duplex auto

speed auto

!

interface FastEthernet0/0.1

encapsulation isl 1

ip address 10.1.1.1 255.255.0.0

ip nat inside

ip policy route-map INTERNA

!

interface FastEthernet0/0.2

encapsulation isl 2

ip address 200.33.166.129 255.255.255.128

ip policy route-map SERVER

!

interface Serial0/0

bandwidth 128

ip unnumbered FastEthernet0/0.2

hold-queue 200 in

hold-queue 200 out

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface Serial0/1

no ip address

shutdown

!

interface Dialer1

ip address negotiated

ip nat outside

encapsulation ppp

no ip mroute-cache

dialer pool 1

dialer-group 1

ppp authentication pap callin

ppp pap sent-username cttmexico password 7 xxxxxxx

!

ip nat translation timeout never

ip nat translation tcp-timeout never

ip nat translation udp-timeout never

ip nat translation syn-timeout never

ip nat translation icmp-timeout never

ip nat translation port-timeout tcp 80 never

ip nat translation max-entries 21474836

ip nat inside source list 1 interface Dialer1 overload

no ip http server

no ip http secure-server

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 Serial0/0 200

!

access-list 1 permit 10.0.0.0 0.255.255.255

access-list 10 permit 10.1.0.4

access-list 10 permit 216.239.53.99

access-list 101 deny ip 200.33.166.128 0.0.0.127 10.1.0.0 0.0.255.255

access-list 101 permit ip any any

access-list 115 deny ip 10.1.0.0 0.0.255.255 200.33.166.128 0.0.0.127

access-list 115 permit ip any any

access-list 125 deny ip 10.0.0.0 0.255.255.255 200.33.166.128 0.0.0.127

access-list 125 permit ip any any

dialer-list 1 protocol ip permit

!

route-map SERVER permit 10

match ip address 101

set interface Serial0/0

!

route-map INTERNA permit 10

match ip address 125

set interface Dialer1

every thing was working fine until yesterday, now for example i cant browse www.google.com, but, and here is the funny stuff, i can ping www.google.com ?

is this a IOS bug problem?

what ios do you think will solve the problem?

my config is not good?

Labels:
0 Helpful
3 Replies 3

rjackson
Level 5
Level 5

‎07-23-2003 06:36 AM

You are not timing out any translations. Is it possible that enough conversations were dropped that you are near the configured limit? See how many translations are active.

0 Helpful

jcleary
Level 1
Level 1

‎07-23-2003 06:48 AM

If you put the IP address for Google in your web browser can you open it. Do you run a firewall?

0 Helpful

mvelazquez
Level 1
Level 1
In response to jcleary

‎07-23-2003 11:17 AM

I am not running any firewall ... i have a direct conecction to internet

0 Helpful
Customers Also Viewed These Support Documents