Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
610
Views
0
Helpful
3
Replies

static NAT configured ip address don't get internet access

govindaghr
Level 1
Level 1

‎04-25-2015 11:44 PM - edited ‎03-07-2019 11:44 PM

I have static NAT configured in my network with bunch of leased (Global) IP address, but suddenly my nat ip do not get internet access, where-as if i use other ip address, i can connect to the internet without any problem. 

The point is that I have used the static nat for my web-server and due to this sudden problem, now it is offline. 

I have following Nat on my CISCO ISR2600:

int gigabitethernet 0/1
ip addr 118.xxx.xxx.xxx 255.255.255.xxx
ip access-group 110 in
ip access-group 110 out
ip nat outside 
duplex auto
speed auto
no shutdown
exit

ip nat inside source list 1 int gigabitethernet 0/1 overload
ip nat inside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat inside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat inside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat inside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat inside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat outside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat outside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat outside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat outside source static 192.168.100.xx 118.xxx.xxx.xxx
ip nat outside source static 192.168.100.xx 118.xxx.xxx.xxx
ip classless
ip route 0.0.0.0 0.0.0.0 118.xxx.xxx.xxx
no ip http server
access-list 1 permit 192.168.100.0 0.0.0.255
access-list 110 permit ip any any

Labels:
0 Helpful
3 Replies 3

Reza Sharifi
Hall of Fame
Hall of Fame

‎04-26-2015 07:32 AM

What is the purpose of access-list 110?

ip access-group 110 in
ip access-group 110 out

access-list 110 permit ip any any

HTH

0 Helpful

govindaghr
Level 1
Level 1
In response to Reza Sharifi

‎04-26-2015 08:16 PM

currently, it is for no use.

i have not done any filtering as of now.

 

is it because of 

"ip access-group 110 in
ip access-group 110 out

access-list 110 permit ip any any" ,

my static nat is being blocked?

0 Helpful

chhayheng
Level 1
Level 1
In response to govindaghr

‎05-20-2015 06:32 PM

Hello govidaghr.

int gigabitethernet 0/1
ip addr 118.xxx.xxx.xxx 255.255.255.xxx
ip access-group 110 in
ip access-group 110 out
ip nat outside 
duplex auto
speed auto
no shutdown

access-list 110 permit ip any any
 

you are wrong with access list. You have to apply 'ip access-group 110 in' inside interface
and 'ip access-group 110 out' outside interface 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card