From: Lab Candidate (labccie@xxxxxxxxx)
Date: Fri Feb 22 2002 - 20:15:25 GMT-3
Ahmed,
Your config is wrong or mistyped.
If you want to use 10.10.10.2 from outside to reach inside 192.168.1.2
just put in config as:
ip nat inside source static 192.168.1.2 10.10.10.2
You'll be fine now.
--- Ahmed Mamoor Amimi <mamoor@ieee.org> wrote:
> Hi,
> I have very very simple NAT :
> (inside)R1---------------(e0)R2(NAT)(e1)-----------R3(outside)
> R2 : 192.168.1.1 ---> e0
> 10.10.10.1 -----> e1
> R2 : 192.168.1.2
> R3 : 10.10.10.2
>
> At R2 i have stated :
> ip nat inside static 192.168.1.2 10.10.10.10
> When ever ip add 192.168.1.2 comes translate it to 10.10.10.10
>
> ip nat outside static 10.10.10.2 192.168.1.100
> When ever ip add 10.10.10.2 comes translate it to 192.168.1.100
>
> R1 and R3 are having a default route to R2.
>
> When i ping from R1 it is successful and translation occur.
> As R1 is inside so routing first occur then translation.
>
> When i ping from R3 it is not successful but translation occur
> As R3 is outside translation occur then routing.
>
>
> R3 is sending the packet to R1 and R1 is reciveing it as a source of
> 192.168.1.100, as NAT translate from 10.10.10.2 --> 192.168.1.100
> And R1 is also send the packet to destination of 192.168.1.100 but when R2
> recive it , it returns the packet to the same ethernet and dont let to packet
> been return translated to 10.10.10.2 as 192.168.1.100 --> 10.10.10.2
>
> here is the debug of R1 when i ping from R3
> r1#
> 01:23:43: IP: s=192.168.1.100 (Ethernet0), d=192.168.1.2, len 100, rcvd 1
> 01:23:43: ICMP type=8, code=0
> 01:23:43: IP: s=192.168.1.2 (local), d=192.168.1.100 (Ethernet0), len 100,
> sendi
> ng
> 01:23:43: ICMP type=0, code=0
> r1#
> 01:23:45: IP: s=192.168.1.100 (Ethernet0), d=192.168.1.2, len 100, rcvd 1
> 01:23:45: ICMP type=8, code=0
> 01:23:45: IP: s=192.168.1.2 (local), d=192.168.1.100 (Ethernet0), len 100,
> sendi
> ng
> 01:23:45: ICMP type=0, code=0
>
> it is clearing saying that it is reciving the ping from 192.168.1.100 and the
n
> sending back to it but when R2 gets it packet it say :
>
> 01:16:12: IP: s=192.168.1.2 (Ethernet0), d=192.168.1.100 (Ethernet0), len 100
,
> r
> cvd 3
> 01:16:12: ICMP type=0, code=0
> 01:16:12:
> framer7#
> 01:16:14: IP: s=192.168.1.2 (Ethernet0), d=192.168.1.100 (Ethernet0), len 100
,
> r
> cvd 3
> 01:16:14: ICMP type=0, code=0
>
> it is clear that R2 is recives the packet from R1 then it return the packet t
o
> ethernet 0 .
>
> ........
> The funny thing is that when i directly ping from R1 to address 192.168.1.100
> then it succeed.
> here is the debug of R2 :
>
> 01:31:32: ICMP type=0, code=0
> 01:31:32:
> 01:31:33: IP: s=192.168.1.2 (Ethernet0), d=192.168.1.100 (Ethernet0), len 100
,
> r
> cvd 3
> 01:31:33: ICMP type=8, code=0
> 01:31:33:
> 01:31:33: IP: s=192.168.1.100 (local), d=192.168.1.2 (Ethernet0), len 100,
> sendi
> ng
> 01:31:33: ICMP type=0, code=0
> 01:31:33:
> 01:31:33: IP: s=192.168.1.2 (Ethernet0), d=192.168.1.100 (Ethernet0), len 100
,
> r
> cvd 3
> 01:31:33: ICMP type=8, code=0
> 01:31:33:
> 01:31:33: IP: s=192.168.1.100 (local), d=192.168.1.2 (Ethernet0), len 100,
> sendi
> ng
> 01:31:33: ICMP type=0, code=0
>
>
> Summary : from R1 i can ping to R3 translated
> from R3 i cant ping R1 translated
> R1 is in inside
> R3 is in outside
>
>
> -Mamoor
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:31 GMT-3