08-08-2022 01:24 AM
Hi
I have this nat PKT to troubleshoot - it's very similar to a pkt file I posted the other day.
I created the access list and I can see with the statistics command that I am only getting the translations if I ping from the server to the pc. From pc to server it's not working I get all misses and no hit if I do a show ip nat statistics.
I am not sure what I have done wrong.
Any help would be much appreciated
Solved! Go to Solution.
08-08-2022 04:10 AM
Notice that your assignment is Troubleshooting one; This means some configs are incorrect on purpose.
I think This one follows ur assignment requirement.
Regards, ML
08-08-2022 04:38 AM
you are right no need static route
08-08-2022 02:14 AM
remove the second line of the ACL 10 (permit 10.0.0.0) that not correct
08-08-2022 02:43 AM - last edited on 08-09-2022 01:44 AM by Translator
Hi Thanks for that.
when I enter the
show access-list 1
command - it doesn't show the sequence numbers before the permit statements - how would I remove the second line?
Many thanks in advance
08-08-2022 02:48 AM - last edited on 08-09-2022 01:45 AM by Translator
Actually the other one is wrong and the whole assignment looks weird and incorrect;
no access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 10.0.0.0 0.255.255.255
I need a bit more time to point all mistakes; I recommend start fresh !
08-08-2022 03:03 AM
Hi
Are you referring to this file I posted or the other one in the other post?
Basically for this one the goal is to allow all pc's to utilise nat and be able to ping the external server at 10.0.0.2. R1 is supposed to be the gateway router providing nat.
How would I achieve that?
I have attached the original file as I first got it.
Many thanks in advance
08-08-2022 03:36 AM
I am referring to file named TS3.4B NAT.pkt. I think is the one shared above
1st, Assignment says "All PCs should be able to utilise the NAT service and be able to ping the external server on 10.0.0.2." This would mean (at least to me) that Server is external device; PCs are internal. So, I think the goal here is that traffic going from PCs to Server should get translated; but not the other way around.
ip nat inside means take all incoming traffic on local (inside) interface and translate into global one (external). This is sort of one way direction once you apply to router. You specify interfaces with ip nat inside/outside commands. Traffic coming on outside interface should not be translated with ip nat inside command. All traffic coming on inside should be translated using ip nat inside command. So, right now we have GigabitEthernet0/0 as outside (ip nat outside) interface and GigabitEthernet0/1 10.0.0.1 as inside (ip nat inside). This does not follow our assignment requirement.
Does it make sense ? I am working on pt file that I think it should be correct. will attach it shortly
Regards, ML
08-08-2022 04:04 AM
Hi Martin
Thanks so much for that I really appreciated your help. I agree with you regarding assignment requirement. It is so weird how they phrase it though.
Once again thanks for your help
Cheers
08-08-2022 04:10 AM
08-08-2022 04:34 AM
Hi Martin Thanks so much - I think this configuration meets the requirements.
On a different note may I ask why there is a need for adding the static route on R1 - I had it configured in my file as well but I still don't understand the reason for it. I mean the server is directly connected. Why we need it?
Many thanks in advance
08-08-2022 04:38 AM
you are right no need static route
08-08-2022 05:02 AM
Thanks so much for the clarification.
08-08-2022 04:58 AM
Right, no need for default route (ip route 0.0.0.0 0.0.0.0). I think it came with file (original one). it could be "left over" from larger topology.
08-08-2022 05:02 AM
Gotcha thanks so much for your help Cheers
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide