Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1372
Views
0
Helpful
7
Replies

unable to ping other LAN with PAT

tyr668
Level 1
Level 1

ā€Ž11-06-2023 07:04 AM

hi guys ,

Why am I able to ping all the public IP addresses from both my LANs using PAT? but it failed when I tried pinging from left LAN to right LAN (or vice versa) . However, if I remove all the PAT configuration, then pinging is successful. also , how do i configure the HQ server network with the website to be accessible from internet using DNAT (should be configured by using the next available public IP address range.) instead of SNAT . currently static nat for the web server has been configured. 

                       

 

 

tyr668_0-1699282804386.png

tyr668_1-1699282825243.png

tyr668_2-1699282831967.png

 

 

Labels:
pkt_file.zip
0 Helpful
7 Replies 7

marce1000
Hall of Fame
Hall of Fame

ā€Ž11-06-2023 09:40 AM

 

 - Checkout : https://learningnetwork.cisco.com/s/topic/0TO6e000000WEorGAG/packet-tracer

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

tyr668
Level 1
Level 1
In response to marce1000

ā€Ž11-07-2023 07:48 AM

hi , can't seem to access that link

0 Helpful

marce1000
Hall of Fame
Hall of Fame
In response to tyr668

ā€Ž11-07-2023 07:56 AM

 

             - Better is to explain what happens then (too) , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

MHM Cisco World
VIP
VIP

ā€Ž11-07-2023 08:02 AM

Friend 

PAT is unidirectional NATing 

Static NAT is bidirectional NATing 

So ping from outside to host inside using public ip is never work with PAT.

You need to use 1:1 static NAT

0 Helpful

tyr668
Level 1
Level 1
In response to MHM Cisco World

ā€Ž11-07-2023 08:07 AM

but both my lans are running on private IPs . it just got PAT on each of the exit router 

0 Helpful

MHM Cisco World
VIP
VIP
In response to tyr668

ā€Ž11-07-2023 08:15 AM

again the PAT is unidirectional from Inside to Outside 
so 
LAN1-R1(PAT)-WAN-R2(PAT)-LAN2 

when you ping from LAN1 to LAN2 
you need to use private IP of LAN2 in Ping 
you need to sure that LAN1 and LAN2 reachable to each other 

Thanks A Lot
MHM 

0 Helpful

Martin L
VIP
VIP

ā€Ž11-07-2023 12:44 PM

Normally, in real world, communication between HQ and branch offices is done via VPN and/or private tunnels.  ISP will never route Private IP ranges; PAT/NAT is mostly used to reach Internet. So, I am not sure about this assignment.

As per MHM suggestion of 1:1 static NAT, if u add ip nat inside source static 10.19.0.2 200.100.0.30 on Branch router u should be able to ping PC1 to server0. 

and "PAT is unidirectional from Inside to Outside" is just like your home router set up. in case u reaching this site,  you must initiate traffic not the other way around. 

Regards, ML
**Please Rate All Helpful Responses **

0 Helpful
Customers Also Viewed These Support Documents