03-22-2012 11:16 PM - edited 03-04-2019 03:46 PM
Hi all,
I have a Cisco 2811 with an additional HWIC-4ESW card.
Fe0/0 is my WAN port to the Internet
Fe0/1 is P2P link to another location
Fe0/0/0 is a trunk port to a Catalyst 2650 switch
Fe0/0/1 is also a trunk port to a Catalyst 2650 switch
Fe0/0/2 is a link to an MPLS network
I need to NAT anything heading out of the WAN port.
I have the following:
interface FastEthernet0/0
description WAN
bandwidth 10000
ip address 203.1.9.1 255.255.255.252
ip access-group ACLIN-TO_WAN in
ip nat outside
no ip virtual-reassembly
duplex full
speed 100
!
interface FastEthernet0/1
description MAN
bandwidth 4000
ip address 172.16.4.2 255.255.255.240
duplex full
speed 100
!
interface FastEthernet0/0/0
description LAN trunk
switchport trunk allowed vlan 1,2,103,1002-1005
switchport mode trunk
!
interface FastEthernet0/0/1
description DMZ trunk
switchport trunk allowed vlan 1,2,203,1002-1005
switchport mode trunk
!
interface FastEthernet0/0/2
switchport access vlan 403
bandwidth 4000
!
interface FastEthernet0/0/3
shutdown
!
interface Vlan1
no ip address
!
interface Vlan103
ip address 10.0.24.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan203
ip address 203.1.2.3 255.255.255.248
!
interface Vlan403
ip address 172.16.2.9 255.255.255.252
!
...
!
ip route 0.0.0.0 0.0.0.0 203.166.90.133
!
ip nat source list 101 interface FastEthernet0/0 overload
!
access-list 101 permit ip any any
I can ping anything connected to my other private networks from my 10.0.24.0 network but nothing on the Internet.
Nothing is getting translated.
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
FastEthernet0/0
Inside interfaces:
Vlan103
Hits: 0 Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:
-- Outside Destination
[Id: 1] access-list 101 interface FastEthernet0/0 refcount 0
Appl doors: 0
Normal doors: 0
Queued Packets: 0
Any ideas?
Thanks.
03-23-2012 02:02 AM
Have you tried adding inside from your configuration.
ip nat inside source list 101 interface FastEthernet0/0 overload
03-23-2012 07:19 AM
Yeah put the overload in the nat list
Sent from Cisco Technical Support iPhone App
03-24-2012 12:58 AM
Hi eduardo,
its the inside command you try to add.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: