Solved: NAT issues

Kaushik Ray · ‎06-08-2015

hello

I have a device connected to my Gi0/1 on my router with IP address as 192.168.1.2 255.255.255.0 and Gi0/1 is configured as 192.168.1.1 255.255.255.0

I have a loopback configured as a public ip address

I want that device with 192.168.1.2 to be able to be Natted to the Public IP address to be reached from another public ip address.

Gi0/2.374 is WAN side interface

So i configured as follows:

int gi0/1

ip address 192.168.1.1 255.255.255.0
ip nat inside

int GigabitEthernet0/2.374
ip nat outside
ip access-group nat.acl out

int lo374

ip adddress XXX.XXX.XXX.XXX 255.255.255.255

ip nat inside source list nat.acl interface lo374 overload
!
ip access-list extended nat.acl
permit ip host XXX.XXX.XXX.XXX host YYY.YYY.YYY.YYY
permit ip hostYYY.YYY.YYY.YYY host XXX.XXX.XXX.XXX

but when i am doing a show ip nat translations i am not seeing anything.

Any advise will be much appreciated on where i am going wrong.

Thanks

Jon Marshall · ‎06-08-2015

You can't use the same acl for both NAT and to control traffic on your outside interface because the NAT acl needs to reference the private IP address of the host whereas the acl applied to the interface needs to reference the public IP.

So create a new acl for NAT and modify your NAT statement to use the new acl.

Jon

View solution in original post

Jon Marshall · ‎06-08-2015

You can't use the same acl for both NAT and to control traffic on your outside interface because the NAT acl needs to reference the private IP address of the host whereas the acl applied to the interface needs to reference the public IP.

So create a new acl for NAT and modify your NAT statement to use the new acl.

Jon