ā10-18-2024 09:08 AM
Hi , i am new to cisco world , i have applied the above scenario ,OSPF is running on all routers
i am trying to gain access to the network 26.10.10.0/24 as through NAT from other networks .but R1 is not performing A Nat
it is performing a routing instead i can the the web server which is 26.10.10.100 form any where inside the network ,as i understood the NAT can be simulated to any network not only the internet
please you help is appreciated .
i have attached the configuration files for R1 and R3
i
Solved! Go to Solution.
ā10-21-2024 03:16 AM - edited ā10-21-2024 03:17 AM
You can achieve this in packet tracert by using Access List on the router.
Using NAT, PacketTracer have some limitation in comparison with real devices.
ā10-18-2024 09:15 AM
Can you share the PacketTracer file instead? You need to zip the file first to attach here.
ā10-20-2024 07:04 AM
Thank you for the reply ,I have noticed something when i change the ACL to allow ip any any ,the nat works and shows the translation but when i modify the ACL to allow only http for the network 10.30.30.0/24 ,Nat stops working and the traffic still flow across the network normally,
ā10-20-2024 07:52 AM
I used the following config and I can see the NAT translation at the router.
Keep in mind that you are not going to use the port 80 or 443 on the NAT config. In order to use the port on the NAT config, it would be called port forward and the way to configure it is defferent and not supported on PackeTracer.
Should be something like this:
"ip nat inside source static tcp x.x.x.x 80 x.x.x.x 80 extendable"
The config below is called PAT and works.
!
ip nat pool asiapool 26.10.10.4 26.10.10.50 netmask 255.255.255.0
ip nat inside source list allow30 pool asiapool overload
ip classless
!
ip flow-export version 9
!
!
ip access-list extended allow30
permit ip 10.0.0.0 0.255.255.255 any
!
ā10-21-2024 03:02 AM
Thank you for the explanation. I just wanted to handle the router similarly to how I do with FortiGate, allowing certain types of traffic from inside to outside by applying NAT on Router 1, as I considered the WAN interface to be the one attached to this subnet (26.10.10.2/24).
However, I didn't quite understand from your reply whether Packet Tracer is not allowing this, or if it's only an issue in Packet Tracer but would work in a real-world scenario.
ā10-21-2024 03:16 AM - edited ā10-21-2024 03:17 AM
You can achieve this in packet tracert by using Access List on the router.
Using NAT, PacketTracer have some limitation in comparison with real devices.
ā10-21-2024 03:39 AM
that is confusing me, I have modified the ACL to allow 30 network traffic while denying any other subnets
it shows that other network traffic is hitting the ACL as you can see (4 matches) but the traffic can be reached to the destination
Thank you
ā10-21-2024 03:51 AM
I see. But doing this, you are denying the traffic to be natted but, the traffic on the topology does not need the NAT to reach the destination.
One easy solution would be put and ACL for traffic control, not only for NAT. The ACL inside NAT is used only for match or not match the traffic, it is not used to block the traffic.
I will try to come up with a better solution for you by using NAT, give me some time.
ā10-21-2024 04:46 AM
Thank you so much for that. it answered 80% percent of the question
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide