NAT Issue?

js358
Level 1

Hello All:

Have an issue and am not quite sure of the cause.

Segmented network, 1.x, 2.x, 3.x

Have a 2600 Router servicing the 3x clients for internet connectivity.

FA0/0 ip address 10.0.3.1

IP NAT inside

This interface used as gateway for 3.x clients to route out 3 T1's

Route statement for all 3 serials

ip route 0.0.0.0 0.0.0.0 ser0/0, 0/1, 0/2

ip nat outside on all 3.

The problem. I have a webserver sitting on 2.x network. I have a static map on the router from external ip to 10.0.2.20.

Now, the problem is intermittent but this website mapped through this router chokes sometimes...can't ping it from the outside and it won't serve any pages. All other IP's on this router are fine and accessible from outside. All internal routing is fine.

The kicker...I dual-homed the web server and gave it a 3.x address on the second NIC. I natted an ip to it and it is rock solid, no problems at all, even when the webserver cannot serve up pages for the site on the 2.x segment.

Any idea as to why this is happening??

Thanks.

5 Replies

johansens
Level 4

Where/how are your 1.x and 2.x networks connected?

ethernet ports on common router

Hi,

It is better to have a full global link up to your webserver. You assign a global address as primary on the webserver and, if required for internal use (intranet), assign a secondary address also. Do the same thing at the router's ethernet interface, with global primary & local secondary. At the webserver, configure the global address on the router as gateway.

Krishnamurthy Suresh

alfredshum
Level 1

If you're running NAT with multiple NAT pools or interfaces, you need to use route-map and in your case should be something like this:

!
route-map port0 permit 10
 match interface s0/0
route-map port0 permit 1000
!
route-map port1 permit 10
 match interface s0/1
route-map port1 permit 1000
!
route-map port2 permit 10
 match ip address 10
 match interface s0/2
route-map port2 permit 1000
!
access-list 10 permit host a.b.c.d
!
ip nat inside source route-map port0 interface s0/0
ip nat inside source route-map port1 interface s0/1 overload
ip nat inside source route-map port2 e.f.g.h
!

Of course you can use more "match" statements to refine your match, say "match ip address" for specific servers. Also you can replace the interface on that NAT statement with an outside IP address or a pool of addresses. Very flexible.
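A small config check for the route-map NAT layout in the reply above, as an added example that is not part of the original post or any Cisco tooling: it parses IOS-style text and flags permit clauses with no match lines, NAT statements that reference an undefined route-map, and NAT statements whose outside interface is not one the route-map matches. The sample config and the finding names are constructed for illustration.

```python
import re
from collections import defaultdict

RM = re.compile(r"^route-map (\S+) (permit|deny) (\d+)$")
NAT = re.compile(r"^ *ip nat inside source route-map (\S+) interface (\S+)", re.M)

# Constructed sample in the shape of the reply's config (not a real device).
SAMPLE = """\
route-map port0 permit 10
 match interface s0/0
route-map port0 permit 1000
route-map port2 permit 10
 match ip address 10
 match interface s0/2
access-list 10 permit host 10.0.2.20
ip nat inside source route-map port0 interface s0/0 overload
ip nat inside source route-map port1 interface s0/1 overload
"""

def parse_route_maps(config):
    """Return {name: [(action, seq, [match lines])]} from IOS-style text."""
    maps, current = defaultdict(list), None
    for raw in config.splitlines():
        line = raw.strip()
        m = RM.match(line)
        if m:
            current = (m.group(2), int(m.group(3)), [])
            maps[m.group(1)].append(current)
        elif line.startswith("match ") and current:
            current[2].append(line[len("match "):])
        elif line and not raw.startswith(" "):
            current = None  # another top-level command closes the clause
    return maps

def audit(config):
    """Return sorted (finding, route-map, detail) tuples for review."""
    maps, findings = parse_route_maps(config), []
    for name, clauses in maps.items():
        # A permit clause with no match lines matches every packet.
        findings += [("match-all", name, seq)
                     for action, seq, matches in clauses
                     if action == "permit" and not matches]
    for name, nat_if in NAT.findall(config):
        matched = {x.split()[1] for _, _, ms in maps.get(name, [])
                   for x in ms if x.startswith("interface ")}
        if name not in maps:
            findings.append(("undefined-route-map", name, nat_if))
        elif nat_if not in matched:
            findings.append(("interface-mismatch", name, nat_if))
    return sorted(findings)
```

Calling `audit(SAMPLE)` reports the empty `permit 1000` clause on `port0` and the NAT statement that names the undefined `port1`.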

For a better understanding of the NAT-Routemaps, follow this link.

http://www.ciscotaccc.com/iprout/showcase?case=K39240839

Note: Rate it!

HTH

MAR