Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
544
Views
0
Helpful
9
Replies
Highlighted
ปลาวาฬทราย RMUTT CPE IX
ปลาวาฬทราย RMUTT CPE IX Participant
Participant
‎06-18-2019 02:14 AM
‎06-18-2019 02:14 AM

Could the Cisco router do return NAT?

My configuration looks like:

interface GigabitEthernet0/0
 description External
 ip address x.223.40.119 255.255.255.0
 ip nat enable
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 description Internal
 ip address x.100.1.253 255.255.255.0
 ip nat enable
 duplex auto
 speed auto
!
ip nat source static x.100.1.202 x.223.40.154
ip nat source static x.100.1.204 x.223.40.155

The x.100.1.202 can't ping & rdp to x.223.40.155. How should I do?

Everyone's tags (5)
0 Helpful
Reply
9 REPLIES 9
omz
omz Rising star
Rising star
‎06-18-2019 02:32 AM
‎06-18-2019 02:32 AM

Re: Could the Cisco router do return NAT?

Hi 

Under the interface config you need - ip nat inside / ip nat outside command on the appropriate interface. 

See example - 

https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/13773-2.html

 

 

0 Helpful
Reply
ปลาวาฬทราย RMUTT CPE IX
ปลาวาฬทราย RMUTT CPE IX Participant
Participant
‎06-18-2019 03:23 AM
‎06-18-2019 03:23 AM

Re: Could the Cisco router do return NAT?

My configuration now looks like:

interface GigabitEthernet0/0
 description External
 ip address x.223.40.119 255.255.255.0
 ip nat outside
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 description Internal
 ip address x.100.1.253 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
ip nat inside source static x.100.1.202 x.223.40.154
ip nat inside source static x.100.1.204 x.223.40.155

The x.100.1.202 can ping but can't rdp to x.223.40.155.

I tried to add more 2 commands:

ip nat outside source static x.223.40.154 x.100.1.202
ip nat outside source static x.223.40.155 x.100.1.204

The x.100.1.202 can't ping & rdp to x.223.40.155. How should I do?

 

Thank you very much.

0 Helpful
Reply
paul driver
VIP Advisor paul driver VIP Advisor
VIP Advisor
‎06-18-2019 05:38 AM
‎06-18-2019 05:38 AM

Re: Could the Cisco router do return NAT?

Hello
Externally you should be able to ping towards  x.223.40.154 and see a translation to x.100.1.202  and the same goes for  x.223.40.155 and see a translation to x.100.1.204
Internally you should be able to ping anything internal without nat being introduced. 

 

Now if are you wishing to connect to the external natted address of an internal host from another internal host?

Then were correct in the first place to use domian-less nat (ip nat enable,  ip nat source static xx)  and it should have worked

Can you post the configuration of your rtr, Do you have a default applied?



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
0 Helpful
Reply
ปลาวาฬทราย RMUTT CPE IX
ปลาวาฬทราย RMUTT CPE IX Participant
Participant
‎06-18-2019 08:33 PM
‎06-18-2019 08:33 PM

Re: Could the Cisco router do return NAT?

The configuration in the topic and I also attach of the whole router.

The x.100.1.202 can't ping & rdp to x.223.40.155. How should I do?

1.jpg

# sho ip nat nvi tra icmp
Pro Source global         Source local          Destin  local         Destin  global
icmp x.170.119.58:39556 x.170.119.58:39556  x.223.40.155:39556  x.100.1.204:39556
icmp x.170.119.58:44676 x.170.119.58:44676  x.223.40.154:44676  x.100.1.202:44676
icmp x.223.40.154:1     x.100.1.202:1        x.223.40.155:1      x.100.1.204:1

Thank you very much.

0 Helpful
Reply
paul driver
VIP Advisor paul driver VIP Advisor
VIP Advisor
‎06-19-2019 01:39 AM
‎06-19-2019 01:39 AM

Re: Could the Cisco router do return NAT?

Hello

Your nat configuration seems correct.
It could be something else that is negating response between these hosts from natted address.

On host x.100.1.202 does it have a default-gateway towards the nat router, any software fw etc..



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
0 Helpful
Reply
ปลาวาฬทราย RMUTT CPE IX
ปลาวาฬทราย RMUTT CPE IX Participant
Participant
‎06-19-2019 03:36 AM
‎06-19-2019 03:36 AM

Re: Could the Cisco router do return NAT?

2.jpg

How should I do?

 

Thank you very much.

0 Helpful
Reply
paul driver
VIP Advisor paul driver VIP Advisor
VIP Advisor
‎06-19-2019 03:47 AM
‎06-19-2019 03:47 AM

Re: Could the Cisco router do return NAT?

Hello

Can you turn off any software fw on those hosts please, Also clear arp from the rtr and the hosts and test again.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
0 Helpful
Reply
ปลาวาฬทราย RMUTT CPE IX
ปลาวาฬทราย RMUTT CPE IX Participant
Participant
‎06-19-2019 04:36 AM
‎06-19-2019 04:36 AM

Re: Could the Cisco router do return NAT?

The x.100.1.202 can't ping & rdp to x.223.40.155. However, x.100.1.202 can ping & rdp to x.100.1.204 and external (another public subnet) also can ping & rdp to x.223.40.155 normally.

 

Thank you very much.

0 Helpful
Reply
paul driver
VIP Advisor paul driver VIP Advisor
VIP Advisor
‎06-19-2019 05:10 AM
‎06-19-2019 05:10 AM

Re: Could the Cisco router do return NAT?

Hello

As I said something else is negating this access and for you to confirm it was working suggests a change has occurred so now to prohibit connection.

 

What is sitting behind the lan interface of the nat rtr where these host are located?



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
0 Helpful
Reply
Latest Contents
Creating labs
Created by Betos on 10-11-2019 04:41 PM
1
0
1
0
. My work contains abbundance of networking gear.i have 3945 routers with attatched nme,3850 switches 48 gig port with 4 tengig port,3850 switch with 16 fiber ports, fortigate 600d along with servers with 8tbs of free space.if you have any labs for me id ... view more
Installation of DNA Center
Created by Tala_Ali on 10-10-2019 04:19 AM
2
0
2
0
Hello   I have a network in prodcution like it mensionned in this picture. The customer wants to renovate the current infrastructure by changing all the hardware. For this reason we had think about deploying DNA Center and make automat... view more
how to quickly and reliably troubleshoot a network using not...
Created by Tagir Temirgaliyev on 10-06-2019 01:42 AM
0
0
0
0
I want to show how to quickly and reliably troubleshoot a network using notepad++.If you are not using Cisco GENIE and your network is not very big and you have several routers/switches only.For illustration, I created a simple topology.First, the loopbac... view more
#CiscoChat Live: Deployment Options for SD-WAN Hybrid and Mu...
Created by Kelli Glass on 09-30-2019 04:04 PM
0
0
0
0
Join us on Tuesday, October 15 at 10:00 am PT to to learn how Equinix and Cisco enable multicloud and Hybrid IT access.  Digital transformation initiatives are driving the adoption of internet, cloud, mobile and IoT technologies. In order t... view more
#CiscoChat Live: Deployment Options for SD-WAN Hybrid and Mu...
Created by Kelli Glass on 09-30-2019 04:01 PM
0
0
0
0
Join us on Tuesday, October 15 at 10:00 am PT to to learn how Equinix and Cisco enable multicloud and Hybrid IT access.  Digital transformation initiatives are driving the adoption of internet, cloud, mobile and IoT technologies. In order to me... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
July's Community Spotlight Awards