Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1125
Views
4
Helpful
7
Replies

cisco ISR4321 NAT

nurbol555
Level 1
Level 1

‎04-07-2017 05:00 AM - edited ‎03-05-2019 08:19 AM

i have on port Gi0/0/0 three sub interface, two of them inside LAN network, last one internet interface, i use NAT from LAN addres to internet throw internet interface address and it worked, after that i'm added other LAN sub interface and my NAT stoped working, when i'm deleted one of this LAN port NAT again worked, what's problem?

interface GigabitEthernet0/0/0.5
encapsulation dot1Q 5
ip address 172.30.6.2 255.255.255.0
ip nat inside

interface GigabitEthernet0/0/0.10
encapsulation dot1Q 10
ip address 172.40.6.2 255.255.255.0
ip nat inside

interface GigabitEthernet0/0/0.20
encapsulation dot1Q 20
ip address 172.50.6.2 255.255.255.0
ip nat inside

interface GigabitEthernet0/0/0.899
description INET
encapsulation dot1Q 899

ip address x.x.10.10    255.255.255.252
ip nat outside

ip nat inside source static 172.40.6.80 x.x.10.10

Labels:
0 Helpful
7 Replies 7

Georg Pauwen
VIP
VIP

‎04-07-2017 11:52 AM

Hello,

what happens if you change:

ip nat inside source static 172.40.6.80 x.x.10.10

to

ip nat inside source static 172.40.6.80 interface GigabitEthernet0/0/0.899

0 Helpful

nurbol555
Level 1
Level 1
In response to Georg Pauwen

‎04-07-2017 09:25 PM

Doesn't support that command, only ip address to ip address, i was wondered when i find out that on isr4321

0 Helpful

Georg Pauwen
VIP
VIP
In response to nurbol555

‎04-07-2017 11:59 PM

Hello,

odd. What IOS version are your running on your router ? Does:

ip nat inside source static tcp 172.40.6 80 interface GigabitEthernet0/0/0.899 80

work ?

Can you post the full config of your router ?

0 Helpful

nurbol555
Level 1
Level 1
In response to Georg Pauwen

‎04-08-2017 11:58 AM

IOS version 15.5,  command  ip nat inside source static tcp 172.40.6 80 interface GigabitEthernet0/0/0.899 80 doesn't work and doesn't support, full version can show on monday, but what i wrote above it's  the main config what we need

0 Helpful

Georg Pauwen
VIP
VIP
In response to nurbol555

‎04-08-2017 12:59 PM

Hello,

as far as I remember, the 4321 started with IOS 16.3, so I am not sure if 15.5 even works. 

The latest release is the 3.16 IOS XE, can you try and upgrade to this version, or the 16.3 or the 16.3 version ?

https://software.cisco.com/download/release.html?mdfid=286006221&softwareid=282046477&release=3.13.1S

nurbol555
Level 1
Level 1
In response to Georg Pauwen

‎04-10-2017 07:57 AM

i just find out my router isr4321 had autoconfig, i see autoconfig first time, and now it support nat from interface GigabitEthernet0/0/0.899, who knows more about autoconfig? Is it dangerous? Is it downland config from internet?

0 Helpful

Georg Pauwen
VIP
VIP
In response to nurbol555

‎04-11-2017 11:56 PM

Hello,

are you referring to 'vlan-autoconfig' (which would be downloaded from a RADIUS server) ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card