Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
140
Views
2
Helpful
6
Replies

Cisco 2960 switch NAT

Kane Smith
Level 1
Level 1

‎09-26-2024 02:05 AM

Hi all, I have a Cisco 2960 switch running IOS 15.2(7) E7. I configured NAT overload.

Straight forward config:

interface Vlan150
description INSIDE-LAN
ip address 10.150.0.254 255.255.255.0
ip nat inside
!
interface Vlan192
description OUTSIDE-LAN
ip address 192.168.0.254 255.255.255.0
ip nat outside
!
ip access-list standard NAT-LIST
permit 10.150.0.0 0.0.255.255
!
ip nat inside source list NAT-LIST interface Vlan192 overload

NAT doesn't work when a device on the 10.150.x.x network (default gateway is 10.150.0.254) tries to reach the Internet.

However, if I source a PING from 10.150.0.254, it works fine:

SW1#ping 8.8.8.8 source 10.150.0.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 10.150.0.254
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/25 ms
SW1#

SW1#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 192.168.0.254:1024 10.150.0.254:3 8.8.8.8:3 8.8.8.8:1024
SW1#

I have verified using traceroute that the PC on the 10.150.x.x network is indeed going to SW1 in order to get to 8.8.8.8.

Any ideas please?

 

0 Helpful
6 Replies 6

paul.driver
Level 1
Level 1

‎09-26-2024 04:21 AM

Hello
Just to confirm if am understanding -  you have a 2960 switch performing NAT - correct?

0 Helpful

paul driver
VIP
VIP

‎09-26-2024 04:24 AM

Just to confirm if am understanding -  you have a 2960 switch performing NAT - correct?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MHM Cisco World
VIP
VIP
In response to paul driver

‎09-26-2024 04:50 AM

Friend 

Just to make you notice your reply is double and one of reply without profile photo' contact manager if you want 

MHM

0 Helpful

paul driver
VIP
VIP
In response to MHM Cisco World

‎09-26-2024 05:51 AM

Hello @MHM Cisco World 
FYI its  due to having dual cco accounts and flipping between them, as such my browser(s) cannot keep up.

cheers..

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Kane Smith
Level 1
Level 1
In response to paul driver

‎09-26-2024 11:31 AM - edited ‎09-26-2024 11:44 AM

Yes. That is correct. Its in a lab environment. Does everything we need but NAT. Didn't really want to add a router to perform just one function.

0 Helpful

MHM Cisco World
VIP
VIP
In response to Kane Smith

‎09-26-2024 11:40 AM

ip access-list standard NAT-LIST
permit 10.150.0.0 0.0.255.255

Correct this to be 

ip access-list standard NAT-LIST
permit 10.150.0.0 0.0.0.255

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card