From: Tariq Sharif (sharif.tariq@gmail.com)
Date: Thu Oct 05 2006 - 14:23:37 ART
Hi there
Simple RIP lab with PAT setup as below:
s1 --- r1 ------RCore ------r2 ---- s2
Ping between the s2 and s1 doesn't work.
I can see from the debugs that r2 gets the replies for the icmp sent by s1
to s2 but it seems to drop it.
I think the reason is one of the 2:
1)- becuase r2 is NOT expecting icmp reply from the PATed IP of
10.140.1.2 (the return packet is getting PATed by r1 as it leave r1)
2)-the PAT port number is changed on the return packet and therefore r2
rejects it.
I think it is 1 but want to see if I can make sure of this. Any thoghts?
Thanks
Tariq
CONFIGs:
hostname s1
!
interface FastEthernet0/1
!
interface VLAN1
ip address 10.2.2.11 255.255.255.0
!
ip default-gateway 10.2.2.3
login
!
end
hostname r1
!
!
ip subnet-zero
!
interface Ethernet0
ip address 10.2.2.3 255.255.255.0
ip nat inside
!
interface Serial0
ip address 10.140.1.2 255.255.255.0
ip nat outside
!
router rip
network 10.0.0.0
!
ip nat inside source list 10 interface Serial0 overload
ip classless
!
access-list 10 permit 10.2.2.0 0.0.0.255
!
end
hostname RCore
!
interface FastEthernet0/0
ip address 10.1.1.3 255.255.255.0
!
interface Serial0/0
ip address 10.140.1.1 255.255.255.0
clockrate 64000
!
interface Serial0/1
ip address 10.140.2.1 255.255.255.0
clockrate 64000
!
router rip
network 10.0.0.0
!
end
hostname r2
!
!
interface Ethernet0
ip address 10.3.3.3 255.255.255.0
ip nat inside
!
interface Serial0
ip address 10.140.2.2 255.255.255.0
ip nat outside
!
router rip
network 10.0.0.0
!
ip nat inside source list 10 interface Serial0 overload
!
access-list 10 permit 10.3.3.0 0.0.0.255
!
!
end
!
hostname s2
!
!
!
interface FastEthernet0/1
!
interface VLAN1
ip address 10.3.3.11 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
ip default-gateway 10.3.3.3
!
line con 0
transport input none
stopbits 1
line vty 0 4
login
line vty 5 15
login
!
end
This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:04 ART