Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1524
Views
5
Helpful
3
Replies

Can not ping to a dynamic nat ip address

Go to solution
SubnetWarrior
Level 1
Level 1

‎07-22-2020 08:15 PM - edited ‎07-22-2020 08:20 PM

Helo experts, 

So this is my topology : 

 

PC A and PC B   -  dynamic nat     -       Router 1         -       Router 2          -  PC C

10.10.10.2-3     -   50.50.50.2-5  -   200.200.200.1   -     200.200.200.1  -   172.16.10.2

 

When i ping from pc A to pc C, it succeed and the nat is establish (Router 1 give PC A nat 50.50.50.2)

When i ping from pc B to pc C, it succeed and the nat is establish (Router 1 give PC B nat 50.50.50.3)

 

But when i ping from PC C to 50.50.50.2 and 50.50.50.3, it failed (destination host unreachable), i check the routing table on router 2, the routing is fine. 

 

When i change from dynamic nat to static nat  :

10.10.10.2 <-> 50.50.50.2

10.10.10.3 <-> 50.50.50.3

 

PC C succesfully ping 50.50.50.2 and 50.50.50.3

 

So it's the normal behaviour that we can not ping the destination which is dynamic nat?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP

‎07-22-2020 11:45 PM - edited ‎07-22-2020 11:51 PM

Hello

You can use reversible nat, this way you should be able to reach the internal natted host from the outside host up until the reversible 1-1 nat translation it creates expires as such the internal host will need to reinitiate the connection where upon both a dynamic and 1-1 nat entry will be created again.

 

example:
ip nat pool STAN 50.50.50.2 -50.50.50.10  prefix-length 24 
ip nat inside source route-map NAT pool STAN reversible

access-list 1 permit 10.0.0.0 0.0.0.255
route-map NAT 
match ip address 1


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

3 Replies 3

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎07-22-2020 10:56 PM

Technically you should be able to ping the other way around also. but to confirm what is wrong here. we have only limited information about the problem, you need to provide more information 

 

Like, device model? what is code running? how your NAT configuration configured? nice to have a configuration bit to understand the problem.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
paul driver
VIP
VIP

‎07-22-2020 11:45 PM - edited ‎07-22-2020 11:51 PM

Hello

You can use reversible nat, this way you should be able to reach the internal natted host from the outside host up until the reversible 1-1 nat translation it creates expires as such the internal host will need to reinitiate the connection where upon both a dynamic and 1-1 nat entry will be created again.

 

example:
ip nat pool STAN 50.50.50.2 -50.50.50.10  prefix-length 24 
ip nat inside source route-map NAT pool STAN reversible

access-list 1 permit 10.0.0.0 0.0.0.255
route-map NAT 
match ip address 1


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
SubnetWarrior
Level 1
Level 1
In response to paul driver

‎07-22-2020 11:56 PM

Wow thx for the answer and solution sir.
I never know about reversible nat until now.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card