cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1272
Views
5
Helpful
5
Replies

Router Static NAT Issue

fmatrine
Level 1
Level 1

Hi,

We hv a network as per attached topology diagram.

Topology:-

Public Segment via Internet Leased Line and Private segment via point to point link between Internet Router and Private Router

Enabled static NAT on Internet router for Private Segment Sever (172.16.2.151) but unable to ping or browse to external world from the Natted Server.

Attaching the config for both the internet router as well as Private router.

Do i need to add any interface level nat commands or it will work.

Pls advise.

regards

5 Replies 5

fmatrine
Level 1
Level 1

Hi,

Ignore previous attachment of Internet_Router.

Regards

DB

Hi,

Along with the current configuration, You should configure "ip nat inside" ( in the private segment) and "ip nat outside" ( in the ouside segment) as follows.

interface FastEthernet0/0

description Connected to Private Segment

ip address 199.30.1.10 255.255.255.0

ip nat inside

duplex auto

speed 100

!

interface FastEthernet0/1

Connected to Public Segment

ip address 220.227.194.193 255.255.255.248

ip nat outside

duplex auto

speed auto

Only then nat will work.

HTH

-VJ

Thanx for the suggestion...

But my private server is in 172.16.2.x network and not 199.x.x.x segment.

Also second ethernet of Internet router is Public IP...once traffic arrives on the internet router from the private segment...won't it get natted statically on the public ip and go out.

Pls advise.

Regards

DB

In this case you should have the following config.

interface Serial0/0/0

Description Connected to Private_Router

ip address 192.168.165.30 255.255.255.252

ip nat inside

interface Serial0/0/1

Description Connected to Service Provider

ip nat outside

ip nat inside source static 172.16.2.151 220.227.194.197

Traffic from internet destined to the ip 220.227.194.197 will hit the serial interface 0/0/1 of your internet router. Here the nat translation should happend and convert the destination address to 172.16.2.151.

You need to have the "ip nat inside" and "ip nat outside" statements under proper interface to instruct the router how and when to NAT. With out which, your "ip nat inside source static..." command will not take effect at all.

HTH

-VJ

Hi,

Additional info.

The IP 220.227.194.197 is a part of 220.227.194.192/29 subnet,which is located in the Fastethernet 0/1 of your internet router.

Hence Ensure that this ip 220.227.194.197 is not used by another system in this segment. You should not use this IP, as long as it is used for NAT.

-VJ