cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
940
Views
0
Helpful
7
Replies

Problem with NAT configuration

domcia339
Level 1
Level 1

Hello,

I've configured NAT, but it is not working.

Could you tell me what is wrong with my configuration?

 -------------------------------------------------------------------------

!

 

!

upgrade fpd auto

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

!

no aaa new-model

ip source-route

no ip icmp rate-limit unreachable

ip cef

!

!

!

!

ip name-server 8.8.8.8

no ipv6 cef

!

multilink bundle-name authenticated

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

archive

log config

hidekeys

!

!

!

!

!

ip tcp synwait-time 5

!

!

!

!

interface FastEthernet0/0

ip address dhcp

ip nat outside

ip virtual-reassembly

duplex half

!

interface FastEthernet1/0

ip address 194.169.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex half

!

interface FastEthernet2/0

ip address 194.169.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex half

!

router ospf 1

log-adjacency-changes

network 1.1.1.0 0.0.0.255 area 0

network 194.169.1.0 0.0.0.255 area 0

network 194.169.2.0 0.0.0.255 area 0

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!

ip nat inside source list 1 interface FastEthernet0/0 overload

!

access-list 1 permit 194.169.1.0 0.0.0.255

no cdp log mismatch duplex

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

gatekeeper

shutdown

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

stopbits 1

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

stopbits 1

line vty 0 4

login

!

end

 -----------------------------------------------------------------------------

 

 

 

 

Thank you,

Best Regards,

 

7 Replies 7

Hello,

 

looks like your default route is missing, and the access list misses one subnet. Make sure the below is in your config:

 

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp

!

access-list 1 permit 194.169.1.0 0.0.0.255

access-list 1 permit 194.169.2.0 0.0.0.255

Hello,

 

Thanks for your reply!

 

I've added these lines to my configuration, but nothing has changed.

NAT is still not working.

Command "show ip nat translations" show nothing.

 

Do you have any other idea, what should I do?

 

Thanks.

 

Hello,

 

can you post the output of 'show ip int brief' ?

Also, can you ping 8.8.8.8 from the router ?

Yes, I can.

Hello,

show ip int brief:

Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            172.16.201.87   YES DHCP   up                     up
FastEthernet1/0            194.169.1.1      YES NVRAM  up                    up
FastEthernet2/0            194.169.2.1      YES NVRAM  up                    up
Loopback0                   1.1.1.1              YES NVRAM  up                    up
NVI0                            1.1.1.1               YES unset  up                       up

Hello,

 

what does the rest of your topology look like, that is, is this a standalone router, or part of a larger network ?

Also, can your clients ping 172.16.201.87 ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco