From: Peter (peter@cyscoexpert.com)
Date: Sat Jun 07 2003 - 01:39:20 GMT-3
I am assuming you forgot to show that you have "ip nat outside" on Serial0
on R5, otherwise NAT wouldn't happen at all. Since it is happening (we see
ICMP arriving with source IP 153.1.200.12) that means your NAT works fine.
The problem is, since it is a multipoint connection (major interface on R9)
you would need to have a mapping to NATed addresses to be able to send a
packet over this connection. Add mappings to 5 addresses in the pool (.10
through .14) over DLCI 201 on R9 and it should work.
Another way would be to reconfigure R9 with point-to-point subinterface
and use "frame interface-dlci 201", this way you wouldn't need to worry
about mappings, it would always send a response to .10 through .14 over DLCI
201.
_____________________________
Peter
#7247 (R&S, Security, C&S)
CyscoExpert Corp.
4433 W. Touhy Ave. Suite 410
Lincolnwood, IL 60712
Phone (847) 674-3392
Toll Free (866) CyscoXP (297-2697)
Fax (847) 674-2625
----- Original Message -----
From: "kasturi cisco" <kasturi_cisco@hotmail.com>
To: <ccielab@groupstudy.com>
Cc: <rshummoo@ca.ibm.com>; <kaykkyu@yahoo.com>; <sbwei_2000@yahoo.com>;
<clay@pronettech.com>
Sent: Friday, June 06, 2003 9:08 PM
Subject: Nat Problem over FRelay ?
> Group,
>
> I found out the problem regds NAT as some of you have mentioned. The
> global address was not in the same subnet due to the mask /28. I changed
> the address and now NAT works BUT i have another problem which i run into
> in the process.
>
> I am trying simple NAT over Frelay which is between R5 and R9. I am
> trying to ping far end loopback and somehow it fails. I am unable to
> understand how to solve this problem. R5 and R9 are connected using NBMA
> network. It gives me encapsulation failure on R9 which is understandable.
> So do we have to have mapping for each device ?
>
> Here is config and toplogy, the routing table shows the entry in routing
> table.
>
> | --------- R5--------- NBMA-----------R9 -----loo0 153.1.12.9
> | e0 s0 s0
> |----------|
> 10.1.1.2/10.1.1.4
>
> ==========================
> R5 Config:
> interface Ethernet0
> ip address 10.1.1.1 255.255.255.0
> ip nat inside
> no keepalive
> !
> interface Serial0
> ip address 153.1.200.5 255.255.255.240
> encapsulation frame-relay
> no fair-queue
> clockrate 64000
> no arp frame-relay
> no frame-relay inverse-arp
> frame-relay map ip 153.1.200.9 102 broadcast
> !
> router ospf 100
> log-adjacency-changes
> network 153.1.0.0 0.0.255.255 area 0
> neighbour 153.1.200.9
> !
> ip nat pool local 153.1.200.10 153.1.200.14 prefix-length 28
> ip nat inside source list 10 pool local
> ip classless
> ip http server
> !
> access-list 10 permit 10.1.1.0 0.0.0.255
> !
>
> On R9 i have
> interface Serial0
> ip address 153.1.200.9 255.255.255.240
> encapsulation frame-relay
> no fair-queue
> clockrate 64000
> no arp frame-relay
> no frame-relay inverse-arp
> frame-relay map ip 153.1.200.5 201 broadcast
> !
> router ospf 100
> log-adjace ncy-changes
> network 153.1.0.0 0.0.255.255 area 0
> neighbour 153.1.200.5
>
> 00:27:41: IP: s=153.1.200.12 (Serial0), d=153.1.200.9 (Serial0), len 100,
> rcvd 3
> 00:27:41: ICMP type=8, code=0
> 00:27:41: IP: s=153.1.200.9 (local), d=153.1.200.12 (Serial0), len 100,
> sending
> 00:27:41: ICMP type=0, code=0
> 00:27:41: IP: s=153.1.200.9 (local), d=153.1.200.12 (Serial0), len 100,
> encapsulation failed
> 00:27:41: ICMP type=0, code=0
>
> Let me know what to do ? I am just thinking how would the other end be
> able to know all the IP addresses on inside for which transaltion has
> taken place.
>
> Good Luck,
> Kasturi.
>
> ------------------------------------------------------------------------
>
> Design your own holidays. Make memories that last a lifetime. Enjoy!
This archive was generated by hypermail 2.1.4 : Fri Jul 04 2003 - 11:10:54 GMT-3