From: ccie 2005 (cciein2005@gmail.com)
Date: Wed Dec 29 2004 - 15:11:53 GMT-3
Guys,
I am basing this lab on Doyle's vol II. This is what I have -
hostA[IP 10.1.6.1] -eth0- [IP 10.1.6.2 raNat 128.100.11.1] =ser4= [rB,
IP 128.100.11.2]
I can ping from hostA(this is a router being used as a host) to rB just fine.
Ping from rB to hostA worked until I added nat for inside address as
well. I am try to make sure both inside and outside address get natted
to from the pool defined. It seems inside is working fine but not
outside. However, I added another network 20.20.20.0 on rB and doing
an extended ping from rB to hostA works fine.
Is my logic wrong on this or am I missing something simple ?
Here is config / debug etc.
interface Ethernet0/0
ip address 10.1.6.1 255.255.255.0
ip nat inside
!
interface Serial4/0
ip address 128.100.11.1 255.255.255.252
ip nat outside
!
router rip
version 2
network 10.0.0.0
network 128.100.0.0
no auto-summary
ip nat log translations syslog
ip nat pool outsidePool 128.100.11.10 128.100.11.20 netmask 255.255.255.0
ip nat pool insidePool 10.1.6.10 10.1.6.20 netmask 255.255.255.0
ip nat inside source list 1 pool outsidePool
ip nat outside source list 2 pool insidePool
ip classless
no ip http server
no ip http secure-server
!
!
access-list 1 permit 10.1.6.0 0.0.0.255
access-list 2 permit 128.100.11.0 0.0.0.255
*Dec 29 17:58:06.192: %IPNAT-6-NAT_CREATED: Created ? 10.1.6.2:0
10.1.6.2:0 10.1.6.10:0 128.100.11.2:0
*Dec 29 17:58:06.192: NAT: s=128.100.11.2->10.1.6.10, d=10.1.6.2 [347]
*Dec 29 17:58:08.240: NAT*: s=128.100.11.2->10.1.6.10, d=10.1.6.2 [348]
*Dec 29 17:58:10.352: NAT*: s=128.100.11.2->10.1.6.10, d=10.1.6.2 [349]
*Dec 29 17:58:12.360: NAT*: s=128.100.11.2->10.1.6.10, d=10.1.6.2 [350]
*Dec 29 17:58:14.420: NAT*: s=128.100.11.2->10.1.6.10, d=10.1.6.2 [351]
*Dec 29 17:58:15.100: %IPNAT-6-NAT_CREATED: Created ? 10.1.6.2:0
128.100.11.15:0 0.0.0.0:0 0.0.0.0:0
*Dec 29 17:58:15.100: NAT: s=10.1.6.2->128.100.11.15, d=128.100.11.2 [171]
*Dec 29 17:58:15.120: %IPNAT-6-NAT_CREATED: Created ? 10.1.6.2:0
128.100.11.15:0 10.1.6.10:0 128.100.11.2:0
*Dec 29 17:58:15.120: NAT: s=128.100.11.2->10.1.6.10, d=128.100.11.15 [171]
*Dec 29 17:58:15.120: NAT: s=10.1.6.10, d=128.100.11.15->10.1.6.2 [171]
*Dec 29 17:58:15.140: NAT*: s=10.1.6.2->128.100.11.15, d=128.100.11.2 [172]
*Dec 29 17:58:15.152: NAT*: s=128.100.11.2->10.1.6.10, d=128.100.11.15 [172]
*Dec 29 17:58:15.152: NAT*: s=10.1.6.10, d=128.100.11.15->10.1.6.2 [172]
*Dec 29 17:58:15.172: NAT*: s=10.1.6.2->128.100.11.15, d=128.100.11.2 [173]
*Dec 29 17:58:15.192: NAT*: s=128.100.11.2->10.1.6.10, d=128.100.11.15 [173]
*Dec 29 17:58:15.192: NAT*: s=10.1.6.10, d=128.100.11.15->10.1.6.2 [173]
*Dec 29 17:58:15.212: NAT*: s=10.1.6.2->128.100.11.15, d=128.100.11.2 [174]
*Dec 29 17:58:15.220: NAT*: s=128.100.11.2->10.1.6.10, d=128.100.11.15 [174]
*Dec 29 17:58:15.220: NAT*: s=10.1.6.10, d=128.100.11.15->10.1.6.2 [174]
*Dec 29 17:58:15.240: NAT*: s=10.1.6.2->128.100.11.15, d=128.100.11.2 [175]
*Dec 29 17:58:15.252: NAT*: s=128.100.11.2->10.1.6.10, d=128.100.11.15 [175]
*Dec 29 17:58:15.252: NAT*: s=10.1.6.10, d=128.100.11.15->10.1.6.2 [175]
rAnat#sint
Pro Inside global Inside local Outside local Outside global
--- --- --- 10.1.6.10 128.100.11.2
--- 10.1.6.2 10.1.6.2 10.1.6.10 128.100.11.2
--- 128.100.11.15 10.1.6.2 --- ---
--- 128.100.11.15 10.1.6.2 10.1.6.10 128.100.11.2
thank you.
This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:31 GMT-3