From: Rodgers Moore (rodgers@xxxxxxxxxxxxxx)
Date: Thu Apr 05 2001 - 00:21:09 GMT-3
There are versions of 12.0 IOS with this type of NAT bug. Sorry I don't
remember the version numbers. Turning off route caching, seems to stick in m
y
head as a work around.
Rodgers Moore
Patrick Duroseau wrote:
> Has anyone seen a problem with static nat. Below is sample of a config where
> I have 2 internal ethernet interfaces and one external serial interface. The
> intent is to NAT everyone internal going out external to the serial
> interface IP address (in this case the unnumbered address), except for one
> static address.
>
> When I implement this config all the overloaded translations work fine, the
> problem is with the static. I see when a connection is initiated from the
> outside it gets translated and sent to the proper host. The sniffer shows
> that the host responds, acknowledging the SYN packet, but it appears that
> packet never leaves the router towards the initiating host, as a result the
> connection gets dropped.
>
> Any suggestions???
>
> BTW, router is a 2621 w/ 12.0(7)
>
> interface s0/0
> ip address unnumbered e0
> ip nat outside
>
> interface e0
> ip address 172.16.10.1 255.255.255.0
> ip nat inside
>
> interface e1
> ip address 172.16.5.10 255.255.255.0
> ip nat inside
>
> ip nat inside source list 116 interface serial0 overload
>
> ip nat inside source static 172.16.5.5 1.1.1.1
> !1.1.1.1 is a valid address routed from the Internet to my serial interface
>
> ip route 0.0.0.0 0.0.0.0 interf s0/0
>
> access-list 116 deny ip host 172.16.5.5 any
> access-list 116 permit ip any any
>
> ---------------------------------
> PD
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:40 GMT-3