Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9675
Views
0
Helpful
16
Replies

ip nat inside source static not working

rcordeiro
Level 1
Level 1

‎05-29-2014 10:07 AM - edited ‎03-04-2019 11:03 PM

Hi all,

 

I have a 2951 configured with subinterfaces (for the inside networks) and NAT.

Outside NAT is working just fine but inside NAT is not working and I have no clue...

configs:

interface GigabitEthernet0/0
 ip address xxx.xxx.xxx.xxx 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.10
 encapsulation dot1Q 10
 ip address 192.168.10.254 255.255.255.0
 ip helper-address 192.168.10.10
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1.20
 encapsulation dot1Q 20
 ip address 192.168.20.254 255.255.255.0
 ip helper-address 192.168.10.10
 ip nat inside
 ip virtual-reassembly in
!         
interface GigabitEthernet0/1.30
 encapsulation dot1Q 30
 ip address 192.168.30.254 255.255.255.0
 ip access-group 101 in
 ip helper-address 192.168.10.10
 ip nat inside
 ip virtual-reassembly in

ip nat inside source static tcp 192.168.10.10 3389 interface GigabitEthernet0/0 3389
ip nat inside source route-map NAT interface GigabitEthernet0/0 overload

 

I'm not able to get a connection from outside to inside:

#sh ip nat trans

Pro Inside global         Inside local          Outside local         Outside global
tcp xxx.xxx.xxx.xxx:3389    192.168.10.10:3389    yyy.yyy.yyy.yyy:45378    yyy.yyy.yyy.yyy:45378
tcp xxx.xxx.xxx.xxx:3389    192.168.10.10:3389    ---                   ---

 

#sh ip nat stat
Total active translations: 426 (0 static, 426 dynamic; 426 extended)
Peak translations: 1144, occurred 02:05:28 ago
Outside interfaces:
  GigabitEthernet0/0
Inside interfaces: 
  GigabitEthernet0/1.10, GigabitEthernet0/1.20, GigabitEthernet0/1.30
Hits: 1888451  Misses: 0
CEF Translated packets: 1849109, CEF Punted packets: 39341
Expired translations: 31243
Dynamic mappings:
-- Inside Source
[Id: 2] route-map NAT interface GigabitEthernet0/0 refcount 424

Total doors: 0
Appl doors: 0
Normal doors: 0
Queued Packets: 0

 

Nothing appears at the static translations.

 

Router is running 15.4.2.T but I also tried with several 15.2 releases and always the same behaviour.

 

 

Labels:
0 Helpful
16 Replies 16

rcordeiro
Level 1
Level 1

‎05-30-2014 09:16 AM

Hi have asked the guys at the location to check everything, let's see what they tell me...

 

Anyway, thanks for all of you who helped or tried to help.

 

Regards

0 Helpful

imtiaz
Level 1
Level 1
In response to rcordeiro

‎05-01-2018 12:42 AM

Hi i was in similar situation. what we have found that the following command should be on the inside and outside interface

ip nat enable

 this will resolve the issue for Dynamic or Static NAT. plus use the following command to check stats

 

DXB-EDGE-C2911-03#show ip nat nvi translations
Pro Source global Source local Destin local Destin global
--- 185.100.209.176 10.124.32.253 --- ---
icmp 185.100.209.176:1474 169.47.140.23:1474 185.100.209.176:1474 10.124.32.253:1474
udp 185.100.208.2:123 185.100.208.2:123 185.100.209.176:123 10.124.32.253:123
udp 185.100.209.177:49152 185.100.209.177:49152 185.100.209.176:3784 10.124.32.253:3784

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card