cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7565
Views
18
Helpful
7
Replies

NAT-symdb: DB is either not enabled

gambitlegend
Level 1
Level 1

Hi guys!

I have a router (2811) configured to NAT addresses between my internal network and the internet.

If I connect my laptop straight to the internal network port (FE0/0) I am unable to ping to the internet, but if i try to ping from the router it's sucessfull.

My friend tried to debug this and the following error was showing a lot of times - NAT-symdb: DB is either not enabled - I don't understand why.

I alradey tried to apply a static IP address in the Internet port (FE0/1) but it stills the same

Here you have the configuration in the router:

interface FastEthernet0/0

ip address 10.128.1.254 255.255.255.0

ip nat inside

ip nat enable

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

ip address dhcp client-id FastEthernet0/1

ip nat outside

ip nat enable

ip virtual-reassembly

duplex auto

speed auto

!

no ip forward-protocol nd

!

!

no ip http server

ip nat inside source list 100 interface Fast

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1

!

access-list 100 permit ip any any log-input

7 Replies 7

Jon Marshall
Hall of Fame
Hall of Fame

Paulo

Can you do the following -

1) under each interface remove the "ip nat enable" command but leave the "ip nat [inside/outside]" config line

2) can you confirm that you have the full statement in your config -

ip nat inside source list 100 interface fa0/1 overload

3) can you then try to connect from an internal host and post -

i) the output of "sh ip nat translations"

ii) confirm the IP address of the internal device you pinged from

Jon

Hi John!

1) I did what u said to me and the config now is:

interface FastEthernet0/0

ip address 10.128.1.254 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

ip address dhcp client-id FastEthernet0/1

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

no ip forward-protocol nd

!

!

no ip http server

2) ip nat inside source list 100 interface FastEthernet0/1 overload

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1

!

access-list 100 permit ip any any log-input

3) The ip form the device connected to the router is 10.128.1.44
4) Here you have the results for the "sh ip nat translations" command:
Pro Inside global      Inside local       Outside local      Outside global
tcp 196.202.255.33:50599 10.128.1.44:50599 88.147.42.249:80  88.147.42.249:80
udp 196.202.255.33:50622 10.128.1.44:50622 24.161.161.223:12087 24.161.161.223:1                                                                             2087
udp 196.202.255.33:50622 10.128.1.44:50622 24.210.171.170:36186 24.210.171.170:3                                                                             6186
udp 196.202.255.33:50622 10.128.1.44:50622 41.248.211.118:30632 41.248.211.118:3                                                                             0632
udp 196.202.255.33:50622 10.128.1.44:50622 46.109.210.104:31346 46.109.210.104:3                                                                             1346
udp 196.202.255.33:50622 10.128.1.44:50622 49.132.153.42:60671 49.132.153.42:606                                                                             71
udp 196.202.255.33:50622 10.128.1.44:50622 64.142.36.44:19357 64.142.36.44:19357
udp 196.202.255.33:50622 10.128.1.44:50622 66.31.30.52:65311 66.31.30.52:65311
udp 196.202.255.33:50622 10.128.1.44:50622 68.149.1.118:26772 68.149.1.118:26772
udp 196.202.255.33:50622 10.128.1.44:50622 70.92.31.167:58357 70.92.31.167:58357
udp 196.202.255.33:50622 10.128.1.44:50622 70.180.104.155:24773 70.180.104.155:2                                                                             4773
udp 196.202.255.33:50622 10.128.1.44:50622 71.93.42.46:17664 71.93.42.46:17664
udp 196.202.255.33:50622 10.128.1.44:50622 72.37.217.152:38626 72.37.217.152:386                                                                             26
udp 196.202.255.33:50622 10.128.1.44:50622 72.42.165.100:28544 72.42.165.100:285                                                                             44
Pro Inside global      Inside local       Outside local      Outside global
udp 196.202.255.33:50622 10.128.1.44:50622 72.241.148.202:28186 72.241.148.202:28186
udp 196.202.255.33:50622 10.128.1.44:50622 76.109.110.152:1767 76.109.110.152:1767
udp 196.202.255.33:50622 10.128.1.44:50622 77.71.57.61:4505  77.71.57.61:4505
udp 196.202.255.33:50622 10.128.1.44:50622 77.239.21.128:39419 77.239.21.128:39419
udp 196.202.255.33:50622 10.128.1.44:50622 78.128.94.168:23633 78.128.94.168:23633
udp 196.202.255.33:50622 10.128.1.44:50622 78.128.111.10:21860 78.128.111.10:21860
udp 196.202.255.33:50622 10.128.1.44:50622 78.130.170.196:59624 78.130.170.196:59624
udp 196.202.255.33:50622 10.128.1.44:50622 78.142.11.8:12004 78.142.11.8:12004
udp 196.202.255.33:50622 10.128.1.44:50622 78.142.48.208:24591 78.142.48.208:24591
udp 196.202.255.33:50622 10.128.1.44:50622 79.11.147.120:19892 79.11.147.120:19892
udp 196.202.255.33:50622 10.128.1.44:50622 81.192.193.182:33712 81.192.193.182:33712
udp 196.202.255.33:50622 10.128.1.44:50622 82.154.169.88:32509 82.154.169.88:32509
udp 196.202.255.33:50622 10.128.1.44:50622 82.160.248.142:50892 82.160.248.142:50892
udp 196.202.255.33:50622 10.128.1.44:50622 84.54.176.74:38992 84.54.176.74:38992
udp 196.202.255.33:50622 10.128.1.44:50622 86.3.6.253:28929  86.3.6.253:28929
udp 196.202.255.33:50622 10.128.1.44:50622 86.3.131.152:44760 86.3.131.152:44760
udp 196.202.255.33:50622 10.128.1.44:50622 87.119.65.209:23884 87.119.65.209:23884
udp 196.202.255.33:50622 10.128.1.44:50622 87.120.15.94:60347 87.120.15.94:60347
udp 196.202.255.33:50622 10.128.1.44:50622 87.120.29.133:33590 87.120.29.133:33590
udp 196.202.255.33:50622 10.128.1.44:50622 87.120.29.186:44339 87.120.29.186:44339
udp 196.202.255.33:50622 10.128.1.44:50622 87.120.166.111:49933 87.120.166.111:49933
udp 196.202.255.33:50622 10.128.1.44:50622 87.120.184.128:8192 87.120.184.128:8192
udp 196.202.255.33:50622 10.128.1.44:50622 87.121.157.135:36601 87.121.157.135:36601
udp 196.202.255.33:50622 10.128.1.44:50622 87.121.201.194:26604 87.121.201.194:26604
udp 196.202.255.33:50622 10.128.1.44:50622 88.189.249.153:9833 88.189.249.153:9833
udp 196.202.255.33:50622 10.128.1.44:50622 91.141.57.217:55367 91.141.57.217:55367
udp 196.202.255.33:50622 10.128.1.44:50622 92.75.9.13:7790   92.75.9.13:7790
udp 196.202.255.33:50622 10.128.1.44:50622 95.43.199.56:53571 95.43.199.56:53571
udp 196.202.255.33:50622 10.128.1.44:50622 128.111.185.144:46986 128.111.185.144:46986
udp 196.202.255.33:50622 10.128.1.44:50622 130.88.107.210:50406 130.88.107.210:50406
udp 196.202.255.33:50622 10.128.1.44:50622 130.88.114.155:62303 130.88.114.155:62303
udp 196.202.255.33:50622 10.128.1.44:50622 149.5.45.5:43008  149.5.45.5:43008
udp 196.202.255.33:50622 10.128.1.44:50622 149.5.45.137:33033 149.5.45.137:33033
udp 196.202.255.33:50622 10.128.1.44:50622 149.13.32.20:33033 149.13.32.20:33033
udp 196.202.255.33:50622 10.128.1.44:50622 151.54.143.57:53708 151.54.143.57:53708
udp 196.202.255.33:50622 10.128.1.44:50622 178.120.69.29:42559 178.120.69.29:42559
udp 196.202.255.33:50622 10.128.1.44:50622 178.140.3.116:28612 178.140.3.116:28612
udp 196.202.255.33:50622 10.128.1.44:50622 178.237.194.69:30685 178.237.194.69:30685
udp 196.202.255.33:50622 10.128.1.44:50622 188.28.59.78:57842 188.28.59.78:57842
udp 196.202.255.33:50622 10.128.1.44:50622 188.163.14.183:12295 188.163.14.183:12295
udp 196.202.255.33:50622 10.128.1.44:50622 194.228.249.3:55371 194.228.249.3:55371
udp 196.202.255.33:50622 10.128.1.44:50622 197.200.78.226:41920 197.200.78.226:41920
udp 196.202.255.33:50622 10.128.1.44:50622 207.255.223.69:35908 207.255.223.69:35908
udp 196.202.255.33:50622 10.128.1.44:50622 212.75.4.71:52196 212.75.4.71:52196
udp 196.202.255.33:50622 10.128.1.44:50622 212.233.161.154:19763 212.233.161.154:19763
udp 196.202.255.33:50622 10.128.1.44:50622 213.19.70.46:4733 213.19.70.46:4733
udp 196.202.255.33:50622 10.128.1.44:50622 213.91.130.228:1414 213.91.130.228:1414
Pro Inside global      Inside local       Outside local      Outside global
icmp 196.202.255.33:4  196.202.255.33:4   69.63.181.12:4     69.63.181.12:4
udp 196.202.255.33:80  196.202.255.33:80  81.243.117.103:21095 81.243.117.103:21095

Ok, now all seems Ok and you have Internet access for clients behind Fa0/0, right?

Also I suggest you modify ACL 100:

access-list 100 permit ip 10.128.1.0 0.0.0.255 any

This way you control for who you DO NAT.

Thank you guys, it's working now!

I had to reload the router 3 times before it picked the internet connection i don't understand why but it worked.

Hello,

 

yesterday I got the same issue... please take a look here: https://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/15-0s/iadnat-monmain.html

 

"NAT does not support ACL with the log option."

 

Removing the "log" option at the end of the ACL it will work fine.

 

Regards,

 

 

Andrea

 

 

 

Removing the log option worked for me. Thank you Andrea. 

thanks , it really helps me, issue resolved now.
Review Cisco Networking for a $25 gift card