Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1638
Views
0
Helpful
3
Replies

Every odd IP address get an Nat Translation, even IP address dont

Go to solution
Patrick Werner
Level 1
Level 1

‎03-07-2013 04:14 AM - edited ‎03-04-2019 07:13 PM

Hi Community.

Guys, i see every second IP adress has a Internet connection. Every even IP address, the odd IP addresses havent a Internet Connection.

I do NAT betwenn 192.168.0.14 255.255.255.0 and 172.16.20.0 255.255.254.0.

Is that a problem to do NAT betwenn a /24 network and /23 network?

interface GigabitEthernet0/0.2 <- The Inside Interface Vlan 120

encapsulation dot1Q 120

ip address 172.16.20.1 255.255.254.0

ip access-group Lakeside in

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/0.3 <- The Inside Interface Vlan 121

encapsulation dot1Q 121

ip address 172.17.20.1 255.255.254.0

ip access-group Lakeside in

ip nat inside

ip virtual-reassembly in

interface GigabitEthernet0/1 <- The outisde Interface as a DHCP Client

ip address dhcp

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

ip nat inside source list ACL_NAT interface GigabitEthernet0/1 overload <- The NAT Rule

ip route 0.0.0.0 0.0.0.0 192.168.0.1 <- The route to the Router of the Provider

ip route 192.168.10.0 255.255.255.0 192.168.20.1

!

ip access-list extended ACL_NAT <- The ACL for NAT

permit ip 172.16.0.0 0.15.255.255 any

ip access-list extended Lakeside <- The ACL for the Inside Vlans 12 and 121

permit udp any any eq bootps

permit udp any any eq bootpc

deny   ip any 172.16.0.0 0.15.255.255

deny   ip any 192.168.0.0 0.0.255.255

deny   ip any 10.0.0.0 0.255.255.255

permit ip 172.16.20.0 0.0.0.254 any

permit ip 172.17.20.0 0.0.0.254 any

Here the DHCP Lease from the Provider:

Temp IP addr: 192.168.0.14  for peer on Interface: GigabitEthernet0/1

Temp  sub net mask: 255.255.255.0

   DHCP Lease server: 192.168.0.1, state: 5 Bound

   DHCP transaction id: 1C71

   Lease: 604800 secs,  Renewal: 302400 secs,  Rebind: 529200 secs

Temp default-gateway addr: 192.168.0.1

   Next timer fires after: 3d07h

   Retry count: 0   Client-ID: cisco-4403.a7c6.3f69-Gi0/1

   Client-ID hex dump: 636973636F2D343430332E613763362E

                       336636392D4769302F31

   Hostname: KLS-RTR-001

Here the NAT Translations:


tcp 192.168.0.14:51174 172.17.20.2:51174 4.28.11.50:443 4.28.11.50:443
tcp 192.168.0.14:53590 172.17.20.4:53590 17.149.36.177:443 17.149.36.177:443
tcp 192.168.0.14:50095 172.17.20.6:50095 17.172.232.70:443 17.172.232.70:443

tcp 192.168.0.14:49391 172.17.20.8:49391 17.172.232.114:443 17.172.232.114:443

udp 192.168.0.14:55348 172.17.20.8:55348 8.8.8.8:53 8.8.8.8:53
tcp 192.168.0.14:52477 172.17.20.10:52477 157.56.254.54:443 157.56.254.54:443

tcp 192.168.0.14:34352 172.17.20.12:34352 212.227.17.186:993 212.227.17.186:993
tcp 192.168.0.14:56589 172.17.20.20:56589 17.158.10.36:443 17.158.10.36:443

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎03-07-2013 04:18 AM

Patrick,

I think your issue is in the Lakeside acl with these 2 lines:

permit ip 172.16.20.0 0.0.0.254 any

permit ip 172.17.20.0 0.0.0.254 any

You're telling the router to permit only even hosts through this interface, so that's why you're only seeing even hosts in your translation table. Change the 2 lines to be "172.16.20.0 0.0.0.255" and "172.17.20.0 0.0.0.255" and you should see different results.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

View solution in original post

0 Helpful
3 Replies 3

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎03-07-2013 04:18 AM

Patrick,

I think your issue is in the Lakeside acl with these 2 lines:

permit ip 172.16.20.0 0.0.0.254 any

permit ip 172.17.20.0 0.0.0.254 any

You're telling the router to permit only even hosts through this interface, so that's why you're only seeing even hosts in your translation table. Change the 2 lines to be "172.16.20.0 0.0.0.255" and "172.17.20.0 0.0.0.255" and you should see different results.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Patrick Werner
Level 1
Level 1
In response to John Blakley

‎03-07-2013 04:28 AM

Damm. i but .254 on the wrong place. .23 Network should be written like that permit ip 172.17.20.0 0.0.1.255

Thanks for showing me that.

Patrick

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to Patrick Werner

‎03-07-2013 04:37 AM

Glad to help

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful
Customers Also Viewed These Support Documents