Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1141
Views
5
Helpful
11
Replies

Problem with NAT configuration

shoaib sheikh
Level 1
Level 1

‎09-28-2015 06:14 AM - edited ‎03-10-2019 12:32 PM

Hello All,

 

I have done NAT config on the switch but it is not working. If anyone could be of help.

 

interface Vlan25 
 ip address 10.18.95.126 255.255.255.224
 ip nat outside
end

 

interface Vlan2
 ip address 192.168.1.1 255.255.255.248
 ip nat inside

 

show run | sec access-list 101
access-list 101 permit ip 192.168.1.0 0.0.0.7 any
access-list 101 permit icmp 192.168.1.0 0.0.0.7 any

 

 

ip nat inside source list 101 interface Vlan25 overload

 

ping 10.18.96.55 source vlan 25
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.18.96.55, timeout is 2 seconds:
Packet sent with a source address of 10.18.95.126
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

 

 

ping 10.18.96.55 source vlan 2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.18.96.55, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
.....
Success rate is 0 percent (0/5)

 

The reason I have to do nat is because I do not have reverse route for 192 network.

 

Labels:
0 Helpful
11 Replies 11

dasiimwe
Level 1
Level 1

‎09-28-2015 06:35 AM

enable 'ip routing' on the switch. can you share 'show ip route'?
 

0 Helpful

shoaib sheikh
Level 1
Level 1
In response to dasiimwe

‎09-29-2015 06:20 AM

routing is already enabled.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to shoaib sheikh

‎09-29-2015 06:26 AM

What is the model of the switch ?

Jon

0 Helpful

Sergey Lazarev
Level 1
Level 1
In response to Jon Marshall

‎09-29-2015 06:30 AM

The only switch which support NAT is 6500. If you use 3750 or something like that, then you may be better off looking to a low end router to do the NAT.

shoaib sheikh
Level 1
Level 1
In response to Sergey Lazarev

‎09-29-2015 08:04 AM

Hello Sergey,

This is 6506 E in VSS.

 

Thanks 

0 Helpful

Sergey Lazarev
Level 1
Level 1
In response to shoaib sheikh

‎09-29-2015 08:10 AM

The thing is, NAT works between interfaces, so did you try to send ping from any host connected to network 192.168.1.0? (not from switch)

0 Helpful

shoaib sheikh
Level 1
Level 1
In response to Sergey Lazarev

‎09-29-2015 09:34 PM

Hi Sergey,

I already did it during initial troubleshooting. I initiated ping from host in vlan 2 but that was also not working.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to shoaib sheikh

‎09-30-2015 07:19 AM

Can you ping from a client and then see what "sh ip nat translations" is showing.

Jon

0 Helpful

shoaib sheikh
Level 1
Level 1
In response to Jon Marshall

‎09-29-2015 08:05 AM

Hello Jon,

This is 6506 E in VSS.

 

Thanks 

0 Helpful

Ricardo Ochoa
Level 1
Level 1

‎09-28-2015 01:57 PM

Hi,

 

Can you share the next commands, i supuse in the first ping it wasnt applying NAT at all...

 

Show ip route

show ip nat translations

 

 

0 Helpful

paul driver
VIP
VIP

‎09-29-2015 09:01 AM

Hello

can you confirm  if your subnet addressing is correct for vlan 25 on either side of my your wan connection

Vlan  25 is in an different network then the prefix you are pinging 

 Can you post output of routing table as suggested by others

 

res

paul

 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card