From: Bit Gossip (bit.gossip@chello.nl)
Date: Fri Feb 02 2007 - 15:22:15 ART
Hi Group,
I can not catch the meanining of this optional parameter of a NAT pool
as it is explained in the DocCD. Plus I noticed that if it is not set
correctly (i dont know what is correct) NAT doesnt work as from the
following example.
What is this option? What should it be set to?
Thanks,
Luca.
~~~~~~~~~~~~~~~~~~
~ Working config ~
~~~~~~~~~~~~~~~~~~
ip nat pool S4-3 200.1.3.111 200.1.3.111 netmask 255.255.255.0
ip nat inside source list 143 pool S4-3 overload
!
access-list 143 deny ip 192.168.11.0 0.0.0.255 host 192.168.41.4
access-list 143 permit ip 192.168.11.0 0.0.0.255 any
NAT: address not stolen for 192.168.11.1, proto 1 port 69
NAT: creating portlist proto 1 globaladdr 200.1.3.111
NAT: Allocated Port for 192.168.11.1 -> 200.1.3.111: wanted 69 got 69
NAT: i: icmp (192.168.11.1, 69) -> (192.168.41.40, 69) [229]
NAT: s=192.168.11.1->200.1.3.111, d=192.168.41.40 [229]
NAT: o: icmp (192.168.41.40, 69) -> (200.1.3.111, 69) [229]
NAT: s=192.168.41.40, d=200.1.3.111->192.168.11.1 [229]
-> works
~~~~~~~~~~~~~~~~~~~~~~
~ NOT Working config ~
~~~~~~~~~~~~~~~~~~~~~~
ip nat pool S4-3 200.1.3.111 200.1.3.111 netmask 255.255.255.252
ip nat inside source list 143 pool S4-3 overload
!
access-list 143 deny ip 192.168.11.0 0.0.0.255 host 192.168.41.4
access-list 143 permit ip 192.168.11.0 0.0.0.255 any
NAT: address not stolen for 192.168.11.1, proto 1 port 70
NAT: failed to allocate address for 192.168.11.1, list/map 143
NAT*: Can't create new inside entry - forced_punt_flags: 0
NAT: address not stolen for 192.168.11.1, proto 1 port 70
NAT: failed to allocate address for 192.168.11.1, list/map 143
NAT: translation failed (A), dropping packet s=192.168.11.1
d=192.168.41.40
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:45 ART