I have configured my cisco router 1841 with nat overload and static nat 1:1 to 2 lan client as follows:
1. LAN IP 192.168.1.2 navigate with WAN public IP, example 220.127.116.11 - NAT Overload
ip nat pool natpool 18.104.22.168 22.214.171.124 netmask 255.255.255.0
ip nat inside source list 1 pool natpool overload
access-list 1 permit 192.168.1.0 0.0.0.255
2. LAN IP 192.168.1.132 navigate with an external public IP, example 126.96.36.199 - NAT Static
ip nat inside source static 192.168.1.132 188.8.131.52 extendable
The two lan client navigate without problem, but the hairpin test fail, in fact if I try to ping the ip 184.108.40.206 from the client 192.168.1.2 the ping is not permitted, but naturally the client with ip 192.168.1.2 is able to ping the ip 192.168.1.132.
I have configured the following route-map under the lan interface but the test fail the same
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip policy route-map Nat-loop
route-map Nat-loop permit 10
match ip address 102
set ip next-hop 192.168.1.132
access-list 102 permit ip host 192.168.1.2 host 220.127.116.11
Hello guys.I installed remote access VPN on Windows 2019. I need to do additional configuration on the router to allow access outside. I got this.Public IP--------------ISP Router-------------Fa0/0 Cisco Router Fa0/1------------------------My Server ...
Meet the Authors video - How to Troubleshoot Network Problems with Vinit Jain
(Live event – Wednesday, February 12th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event had place on Wednesday 12th, February 2020 at 10hrs PDT&nbs...
I have a pair of 3945 routers that are proving to be underpowered for the 100+ remote offices connecting to them. Fortunately I happen to have a couple of 4351 ISRs rated for significantly greater encrypted throughput. Is there any way I could upgrade the...
This article assumes you have the basic knowledge and experience with Cisco DNA Center and Identity Services Engine (ISE).Note when reading this doc the "Authentication Policy" referred to is part of Cisco DNA Center Onboarding section and ha...