Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2362
Views
10
Helpful
19
Replies

Cisco 2960 switch NAT

Go to solution
Kane Smith
Level 1
Level 1

‎09-26-2024 02:05 AM

Hi all, I have a Cisco 2960 switch running IOS 15.2(7) E7. I configured NAT overload.

Straight forward config:

interface Vlan150
description INSIDE-LAN
ip address 10.150.0.254 255.255.255.0
ip nat inside
!
interface Vlan192
description OUTSIDE-LAN
ip address 192.168.0.254 255.255.255.0
ip nat outside
!
ip access-list standard NAT-LIST
permit 10.150.0.0 0.0.255.255
!
ip nat inside source list NAT-LIST interface Vlan192 overload

NAT doesn't work when a device on the 10.150.x.x network (default gateway is 10.150.0.254) tries to reach the Internet.

However, if I source a PING from 10.150.0.254, it works fine:

SW1#ping 8.8.8.8 source 10.150.0.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 10.150.0.254
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/25 ms
SW1#

SW1#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 192.168.0.254:1024 10.150.0.254:3 8.8.8.8:3 8.8.8.8:1024
SW1#

I have verified using traceroute that the PC on the 10.150.x.x network is indeed going to SW1 in order to get to 8.8.8.8.

Any ideas please?

 

0 Helpful
19 Replies 19

Go to solution
MHM Cisco World
VIP
VIP
In response to Kane Smith

‎09-27-2024 02:44 AM

You need to use /24 but 

As other answer you' not all SW support NAT

Change the platform to router and run same NAT 

Note:- if you use router I dont think it support vlan SVI so you need to use router port

MHM

Go to solution
Kane Smith
Level 1
Level 1
In response to MHM Cisco World

‎09-27-2024 02:52 AM

So I really need a small lab device with these features:

- Small switch 8 or 12 ports (to remove the fan noise)

- Gig Ethernet ports

- PoE

- dot1x

- NAT

- IOS 15

My little 2960 does all of the above except NAT.

Go to solution
MHM Cisco World
VIP
VIP
In response to Kane Smith

‎09-27-2024 02:56 AM

Friend I answer you above check it' 

MHM

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to paul driver

‎09-26-2024 11:51 PM

Hello
That make sense its a lab simulation as on real hardware of 2960s they do NOT support nat


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
MHM Cisco World
VIP
VIP

‎09-29-2024 12:10 AM

Friend @Kane Smith

I Check many times these SW don't support NAT as @paul driver @Giuseppe Larosa  mention

And what we see traffic generate from device itself is NAT it can bug in software you use for emulated.

So don't waste your time 

Use router Instead of SW and run NAT

MHM

0 Helpful
Customers Also Viewed These Support Documents