Re: NAT translation failed (a)

jazzybrakes · ‎06-15-2020

GATEWAY_ROUTER#sh run
Building configuration...

Current configuration : 1755 bytes
!
! Last configuration change at 13:29:25 GMT Mon Jun 15 2020
! NVRAM config last updated at 13:07:38 GMT Mon Jun 15 2020
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname GATEWAY_ROUTER
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$uOWZ$boGRiZVMoU9gX411Z70V.0
!
no aaa new-model
clock timezone GMT -4
ip source-route
!
!
ip dhcp excluded-address 172.168.2.1 172.168.2.10
ip dhcp excluded-address 172.168.1.1 172.168.1.10
!
ip dhcp pool net-172-168-1
network 172.168.1.0 255.255.255.224
dns-server 8.8.8.8
default-router 172.168.1.1
!
ip dhcp pool net-172-168-2
network 172.168.2.0 255.255.255.224
default-router 172.168.2.1
dns-server 8.8.8.8
!
!
ip cef
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Serial0/0/0
ip address 10.0.0.1 255.255.255.252
ip nat inside
ip virtual-reassembly
no fair-queue
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.0.0.3 area 0
network 192.168.2.0 0.0.0.255 area 0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
no ip http server
ip nat inside source list 1 interface FastEthernet0/1 overload
!
access-list 1 permit 172.168.2.0 0.0.0.31
access-list 1 permit 172.168.1.0 0.0.0.31
!
!
control-plane
!
banner motd ^C GATEWAY ROUTER AND DHCP SERVER ^C
!
line con 0
password 7 104D000A0618
login
line aux 0
line vty 0 4
password 7 13061E010803
login
transport input telnet
!
scheduler allocate 20000 1000
ntp master
end

LOCAL_ROUTER>en
LOCAL_ROUTER#sh run
Building configuration...

Current configuration : 1164 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname LOCAL_ROUTER
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description connection to sub-if
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.5
encapsulation dot1Q 5
ip address 172.168.1.1 255.255.255.224
ip helper-address 10.0.0.1
!
interface FastEthernet0/1.6
encapsulation dot1Q 6
ip address 172.168.2.1 255.255.255.224
ip helper-address 10.0.0.1
!
interface Serial0/0/0
ip address 10.0.0.2 255.255.255.252
no fair-queue
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.0.0.3 area 0
network 172.168.1.0 0.0.0.31 area 0
network 172.168.2.0 0.0.0.31 area 0
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
banner motd ^CLOCAL ROUTER CONNECTED TO SWITCH 1, 2 ^C
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password cisco
login
transport input telnet
!
scheduler allocate 20000 1000
end

jazzybrakes · ‎06-16-2020

can anyone assist me in figuring why i am getting this NAT translation failure. I did debug ip nat and i got that error. So i am not sure why i am getting it because the configuration looks correct.

Richard Bradfield · ‎06-22-2020

does the fa0/1 interface on the gateway router get an IP address?

jazzybrakes · ‎06-22-2020

yes fa 0/1 interface is connected directly to the isp router which assigns the interface with an ip address

Richard Bradfield · ‎06-22-2020

can you try using a route-map instead

route-map SDM_RMAP_1 permit 1
match ip address 1
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/1 overload

jazzybrakes · ‎06-23-2020

The route map did not work

Richard Bradfield · ‎06-23-2020

can you share the " debug ip nat detailed"

and "sh ip nat stat"

jazzybrakes · ‎06-24-2020

DEBUGGING

Jun 24 10:54:25.646: mapping pointer available mapping:0
Jun 24 10:54:25.646: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:54:34.809: mapping pointer available mapping:0
Jun 24 10:54:34.809: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:54:44.512: mapping pointer available mapping:0
Jun 24 10:54:44.512: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:54:54.252: mapping pointer available mapping:0
Jun 24 10:54:54.252: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:54:57.367: mapping pointer available mapping:0
Jun 24 10:54:57.367: NAT: i: icmp (192.168.2.39, 2054) -> (192.168.2.13, 62496) [62]
Jun 24 10:55:03.611: mapping pointer available mapping:0
Jun 24 10:55:03.611: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:55:13.498: mapping pointer available mapping:0
Jun 24 10:55:13.498: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:55:22.981: mapping pointer available mapping:0
Jun 24 10:55:22.981: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:55:32.848: mapping pointer available mapping:0
Jun 24 10:55:32.848: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:55:42.620: mapping pointer available mapping:0
Jun 24 10:55:42.620: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:55:51.687: mapping pointer available mapping:0
Jun 24 10:55:51.687: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:55:57.366: mapping pointer available mapping:0
Jun 24 10:55:57.370: NAT: i: icmp (192.168.2.39, 2054) -> (192.168.2.13, 50673) [75]
Jun 24 10:56:00.802: mapping pointer available mapping:0
Jun 24 10:56:00.802: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:56:09.809: mapping pointer available mapping:0
Jun 24 10:56:09.809: NAT: translation failed (A), dropping packet s=192.168.2.39 d=224.0.0.5
Jun 24 10:56:18.989: mapping pointer available mapping:0

NAT STATISTICS

GATEWAY_ROUTER#sh ip nat statistics
Total active translations: 5 (0 static, 5 dynamic; 5 extended)
Peak translations: 8, occurred 00:01:18 ago
Outside interfaces:
FastEthernet0/1
Inside interfaces:
Serial0/0/0
Hits: 9 Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 4
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface FastEthernet0/1 refcount 5
Appl doors: 0
Normal doors: 0
Queued Packets: 0
GATEWAY_ROUTER#sh ip nat stat
Total active translations: 5 (0 static, 5 dynamic; 5 extended)
Peak translations: 8, occurred 00:02:02 ago
Outside interfaces:
FastEthernet0/1
Inside interfaces:
Serial0/0/0
Hits: 10 Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 5
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface FastEthernet0/1 refcount 5
Appl doors: 0
Normal doors: 0
Queued Packets: 0

IP INT BRIEF

Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES NVRAM administratively down down
FastEthernet0/1 192.168.2.39 YES DHCP up up
Serial0/0/0 10.0.0.1 YES NVRAM up up
NVI0 unassigned YES unset administratively down down

QUESTION: normally when i do natting i always see NVIO is always up but this time it is administratively down down? Could that be affecting the NAT. Because i heard when natting is done is automatically assign an IP address and administratively up up?

jazzybrakes · ‎06-24-2020

I have change the route map back to accesslist I was trying some other stuff

jazzybrakes · ‎06-26-2020

Well I have figured it out.....

router ospf 1

default-information orginate

ip router 0.0.0.0 0.0.0.0 isp router address

i change the default route and add the default information originate and it worked. i cant believe i forgot tat crucial information. Thank you for all your response