cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
825
Views
0
Helpful
3
Replies

NAT problem on a HWIC trunk port

global-gossip
Level 1
Level 1

Hi all,

I have a Cisco 2811 with an additional HWIC-4ESW card.

Fe0/0 is my WAN port to the Internet

Fe0/1 is P2P link to another location

Fe0/0/0 is a trunk port to a Catalyst 2650 switch

Fe0/0/1 is also a trunk port to a Catalyst 2650 switch

Fe0/0/2 is a link to an MPLS network

I need to NAT anything heading out of the WAN port.

I have the following:

interface FastEthernet0/0

description WAN

bandwidth 10000

ip address 203.1.9.1 255.255.255.252

ip access-group ACLIN-TO_WAN in

ip nat outside

no ip virtual-reassembly

duplex full

speed 100

!

interface FastEthernet0/1

description MAN

bandwidth 4000

ip address 172.16.4.2 255.255.255.240

duplex full

speed 100

!

interface FastEthernet0/0/0

description LAN trunk

switchport trunk allowed vlan 1,2,103,1002-1005

switchport mode trunk

!

interface FastEthernet0/0/1

description DMZ trunk

switchport trunk allowed vlan 1,2,203,1002-1005

switchport mode trunk

!

interface FastEthernet0/0/2

switchport access vlan 403

bandwidth 4000

!

interface FastEthernet0/0/3

shutdown

!

interface Vlan1

no ip address

!

interface Vlan103

ip address 10.0.24.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Vlan203

ip address 203.1.2.3 255.255.255.248

!

interface Vlan403

ip address 172.16.2.9 255.255.255.252

!

...

!

ip route 0.0.0.0 0.0.0.0 203.166.90.133

!

ip nat source list 101 interface FastEthernet0/0 overload

!

access-list 101 permit ip any any

I can ping anything connected to my other private networks from my 10.0.24.0 network but nothing on the Internet.

Nothing is getting translated.

Total active translations: 0 (0 static, 0 dynamic; 0 extended)

Outside interfaces:

  FastEthernet0/0

Inside interfaces:

  Vlan103

Hits: 0  Misses: 0

CEF Translated packets: 0, CEF Punted packets: 0

Expired translations: 0

Dynamic mappings:

-- Outside Destination

[Id: 1] access-list 101 interface FastEthernet0/0 refcount 0

Appl doors: 0

Normal doors: 0

Queued Packets: 0

Any ideas?

Thanks.

3 Replies 3

rsavena14
Level 1
Level 1

Have you tried adding inside from your configuration.

ip nat inside source list 101 interface FastEthernet0/0 overload

Eduardo Cesaro
Level 1
Level 1

Yeah put the overload in the nat list

Sent from Cisco Technical Support iPhone App

Hi eduardo,

its the inside command you try to add.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: