RE: Strange NAT problem

Hi Chris,

Your config looks right.
If my memory serves correctly, I think it's an ordering problem, i.e. most
specific statement has to be entered first.

Try flipping them around, i.e.
ip nat inside source static tcp 192.168.100.105 23 155.1.1.5 555 extendable
ip nat inside source list 10 interface FastEthernet0/0 overload

I'm not near my machine at the moment to test it though.

Cheers,
Gavin
 

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Christopher Copley
Sent: 15 March 2011 14:47
To: Cisco certification
Subject: Strange NAT problem

All,

I need a second set of eyes b/c I think I am going crazy here. I am trying
to do a simple NAT problem in my lab and I can not figure it out.

1. I need to have all my inside hosts get PAT to the outside interface IP
address 2. I need port forwarding from the outside from F0/0 IP address tcp
port
555 to the inside host 192.168.100.105 on port 23

I logically set up my config like this....

=================================
interface FastEthernet0/0
 ip address 155.1.1.5 255.255.255.0
 ip nat outside
 ip virtual-reassembly
!
interface FastEthernet0/1
 ip address 192.168.100.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly

ip nat inside source list 10 interface FastEthernet0/0 overload ip nat
inside source static tcp 192.168.100.105 23 155.1.1.5 555 extendable

access-list 10 permit 192.168.100.0 0.0.0.255
=================================

In my mind this should work, as I think I have got it to work like this in
the past, but it is not. I have a test PC in my lab and I can not see the
connection. Can someone tell me what I might be doing wrong?

Chris

Blogs and organic groups at http://www.ccie.net
Received on Tue Mar 15 2011 - 22:50:17 ART