Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

Need help getting simple Nat config to work

david.santel
Level 1
Level 1

‎08-20-2011 09:04 AM - edited ‎03-07-2019 01:48 AM

I can't seem to get the below Nat config to work. I removed the crypto from the fa0/0 for testing.

Why can't i get xlates when I ping 192.168.1.5 or 192.168.1.1? As you can see my access list isnt getting touched?

What am i missing?????

==============================================

CCC#sh access-lists

Standard IP access list 1

    10 permit 10.10.10.0, wildcard bits 0.0.0.255

==============================================
CCC#sh ip nat t

CCC#
==============================================

CCC#sh ip nat s
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
  FastEthernet0/0
Inside interfaces:
  FastEthernet0/1
Hits: 0  Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:
-- Outside Destination
[Id: 2] access-list 1 interface FastEthernet0/0 refcount 0
[0] prot 6: port #7 refcount 1 syscount 1 localport 4294967295, localaddr 0.0.0.
0, flags 1
[0] prot 6: port #9 refcount 1 syscount 1 localport 4294967295, localaddr 0.0.0.
0, flags 1
[0] prot 6: port #11 refcount 1 syscount 1 localport 4294967295, localaddr 0.0.0
.0, flags 1
[0] prot 6: port #13 refcount 1 syscount 1 localport 4294967295, localaddr 0.0.0
.0, flags 1
[0] prot 6: port #19 refcount 1 syscount 1 localport 4294967295, localaddr 0.0.0
.0, flags 1
[0] prot 6: port #21 refcount 1 syscount 1 localport 4294967295, localaddr 0.0.0
.0, flags 1
=============================================================================

CCC#sh run
Building configuration...

Current configuration : 1490 bytes
!
version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CCC
!
boot-start-marker
boot system flash c2600-adventerprisek9-mz.124-25d.bin
boot-end-marker
!
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef


no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3

archive
log config
  hidekeys
!
!
!
!
crypto isakmp policy 2
encr 3des
hash md5
authentication pre-share
group 2
lifetime 400
crypto isakmp key cisco123 address 1.1.1.3
!
!
crypto ipsec transform-set Petaluma_VPN ah-sha-hmac esp-3des
!
crypto map Petaluma_1 1 ipsec-isakmp
! Incomplete
set peer 1.1.1.3
set transform-set Petaluma_VPN
match address 100
!
!

interface FastEthernet0/0
ip address 1.1.1.2 255.255.255.0
ip nat outside
ip virtual-reassembly
speed auto
half-duplex
!
interface Serial0/0
no ip address
shutdown
clock rate 56000
!
interface FastEthernet0/1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
router rip
network 1.0.0.0
network 10.0.0.0
no ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 1.1.1.3
!
!
no ip http server
no ip http secure-server
ip nat source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 10.10.10.0 0.0.0.255
!
!
!
control-plane
!

line con 0
line aux 0
line vty 0 4
login
!
!
end

1 person had this problem
Labels:
0 Helpful
Who Me Too'd this topic