Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
322
Views
0
Helpful
2
Replies

Issues with Ping Responses in Packet Tracer (NAT overloading/static)

Twich
Level 1
Level 1

‎12-22-2023 12:03 PM

Hello Community,

I'm currently working with a network setup in Packet Tracer and facing issues with pinging a web server. Here are the details of my configuration:

Twich_1-1703274324514.png

 

I have a web server with a local IP of 172.25.31.2/29 located in the DMZ Zone. To facilitate communication, I added a static NAT entry using the command: "ip nat inside source static 172.25.31.2 209.165.112.254".

For the clients, such as MA11 (172.25.30.70/26), I've set up NAT with overloading using the following commands and 

I've also configured relevant static routes and access control lists (ACL) for NAT:
"
ip nat inside source list ACL_NAT interface Serial1/0/0 overload
ip nat inside source static 172.25.31.2 209.165.112.254
ip nat inside source static 172.25.31.3 209.165.112.253

ip route 0.0.0.0 0.0.0.0 Serial1/0/0

ip route 172.25.30.64 255.255.255.192 172.25.31.10

ip route 172.25.31.8 255.255.255.248 172.25.31.10

ip access-list standard ACL_NAT
permit 172.25.30.0 0.0.0.63
permit 172.25.30.64 0.0.0.63
permit 172.25.31.8 0.0.0.7
"
The address of R1 on Gig0/1 is 172.25.31.10/29. The problem arises when I try to ping the web server (209.165.112.254) from the client. The ping request reaches the web server, but on the return path, it fails at the edge router. I've checked the NAT translation table using the command show ip nat translations, and here is the output:"

Edge#show ip nat translations

Pro Inside global Inside local Outside local Outside global

icmp 209.165.112.2:79 172.25.30.70:79 209.165.112.254:79 209.165.112.254:79

icmp 209.165.112.2:80 172.25.30.70:80 209.165.112.254:80 209.165.112.254:80

icmp 209.165.112.2:81 172.25.30.70:81 209.165.112.254:81 209.165.112.254:81

icmp 209.165.112.2:82 172.25.30.70:82 209.165.112.254:82 209.165.112.254:82

icmp 209.165.112.254:79172.25.31.2:79 209.165.112.2:79 209.165.112.2:79

icmp 209.165.112.254:80172.25.31.2:80 209.165.112.2:80 209.165.112.2:80

icmp 209.165.112.254:81172.25.31.2:81 209.165.112.2:81 209.165.112.2:81

icmp 209.165.112.254:82172.25.31.2:82 209.165.112.2:82 209.165.112.2:82

--- 209.165.112.253 172.25.31.3 --- ---

--- 209.165.112.254 172.25.31.2 --- ---"

It seems the response from the web server is not reaching the client through the edge router. I've attached the full configuration of the edge router for reference.

PS: On R1 HSRP is enabled.

Any insights or suggestions on resolving this issue would be greatly appreciated.

Thank you!

Labels:
Preview file
2 KB
0 Helpful
2 Replies 2

marce1000
VIP
VIP

‎12-22-2023 12:18 PM

 

     - FYI :  Community group for Packet Tracer project questions

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Georg Pauwen
VIP
VIP

‎12-22-2023 01:10 PM

Hello,

post your Packet Tracer project (.pkt) file...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card