Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
812
Views
5
Helpful
4
Replies

Cannot Reach LAN after NAT outside and NAT inside.

Jonathan Nali
Level 1
Level 1

‎11-09-2020 11:45 PM

Hello everyone,

I just finished my MPLS configuration but I have one last roadblock. 

I can reach my HQ LAN(10.10.1.0/24) from my branch but HQ cannot reach branch LAN(10.10.3.0/24).

This happened after I did NAT outside and NAT inside on the branch router. 

I can reach the interface facing outside but cannot reach the interface facing the LAN

 

mapktw.JPG

 

=================================================================================


no ip source-route
!
!
ip dhcp relay information option
ip dhcp relay information trust-all
ip dhcp excluded-address 10.10.3.253
ip dhcp excluded-address 10.10.3.252
ip dhcp excluded-address 10.10.3.1 10.10.3.50
!
ip dhcp pool KITWE-POOL
network 10.10.3.0 255.255.255.0
default-router 10.10.3.3
dns-server 10.10.1.4
!
!
ip cef
no ip domain lookup
ip name-server 8.8.8.8
no ipv6 cef
!
!
multilink bundle-name authenticated

!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
!
interface FastEthernet0
switchport access vlan 10
!
!
interface FastEthernet1
switchport access vlan 10
!
!
interface FastEthernet2
switchport access vlan 10
!
!
interface FastEthernet3
switchport access vlan 10
!
interface FastEthernet6
!
!
interface FastEthernet7
!
!
interface FastEthernet8
ip dhcp relay information option-insert
ip address 192.168.124.10 255.255.255.252
ip directed-broadcast
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
!
interface GigabitEthernet0
description Internet
no ip address
ip virtual-reassembly
shutdown
duplex auto
speed auto
!
!
interface Vlan1
no ip address
shutdown
!
!
interface Vlan10
ip dhcp relay information option-insert
ip address 10.10.3.3 255.255.255.0
ip helper-address 10.10.3.3
ip directed-broadcast
ip nat inside
ip virtual-reassembly
!
!
interface Async1
no ip address
encapsulation slip
!
!
ip forward-protocol nd
ip forward-protocol udp talk
no ip http server
no ip http secure-server
!
!
ip nat inside source list 113 interface FastEthernet8 overload
ip nat outside source static 10.10.1.0 10.10.3.3
ip nat outside source static 192.168.124.2 192.168.124.10
ip route 0.0.0.0 0.0.0.0 192.168.124.1 2
ip route 0.0.0.0 0.0.0.0 192.168.124.2 5
ip route 10.10.1.0 255.255.255.0 192.168.124.9
ip route 10.10.1.0 255.255.255.0 192.168.124.2 3
ip route 10.10.2.0 255.255.255.0 192.168.124.9
ip route 192.168.124.0 255.255.255.252 192.168.124.9
ip route 192.168.124.0 255.255.255.252 FastEthernet8 3
!
access-list 113 deny ip 10.10.3.0 0.0.0.255 10.10.1.0 0.0.0.255
access-list 113 permit ip 10.10.3.0 0.0.0.255 any
access-list 113 deny ip 10.10.1.0 0.0.0.255 any

 

=======================================================================

Any assistance will be highly appreciated.

4 Replies 4

Leo Laohoo
Hall of Fame
Hall of Fame

‎11-09-2020 11:54 PM

Please post this homework/schoolwork in the Cisco Learning Network.

0 Helpful

Jonathan Nali
Level 1
Level 1
In response to Leo Laohoo

‎11-10-2020 01:43 AM

Hi @Leo Laohoo ,

thanks for the suggestion. 

Fortunately, it's real life, the image is just a network map.
@Georg Pauwen , it is not a packet tracer project. I just used PT to draw my network map. the issue is on the router configurations.

0 Helpful

Georg Pauwen
VIP
VIP

‎11-10-2020 12:08 AM

Hello,

 

post the zipped Packet Tracer project (.pkt) file...

0 Helpful

Jonathan Nali
Level 1
Level 1
In response to Georg Pauwen

‎11-11-2020 12:42 AM

Hi, 

Do you have a solution in mind?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card