| Author |
Port Address Translation with single IP
|
|
| rjohn 2001-06-20, 11:17 am |
| hi ppl,
i m unable to do a port Address Translation with a single Public IP for a complete LAN.
Here some infos
LAN 192.168.4.0
S0/0:0 connected with ISP 139.4.73.254
Transit Publc IP Pool 213.70.61.130
Task: PAT Configuration with a single Transit public IP 213.70.61.130
Here the config how i tried but its not running.
interface FastEthernet0/0
ip address 192.168.4.25 255.255.255.0
no ip directed-broadcast
ip nat inside
speed 100
!
interface Serial0/0:0
bandwidth 1984
ip address 139.4.73.254 255.255.255.252
no ip directed-broadcast
ip nat outside
no fair-queue
!
ip nat pool ovrld 213.70.61.130 213.70.61.130 prefix-length 24
ip nat inside source list 7 pool ovrld overload
ip classless
ip route 0.0.0.0 0.0.0.0 139.4.73.253
no ip http server
!
access-list 7 permit 192.168.4.0
Im so confuse so
Thanx for the help ppl. | |
| MadChef 2001-06-20, 5:51 pm |
| What do you mean by "it's not running"? What do "show ip nat trans" and "show ip nat stat" show you? You can do a "debug ip nat" to show you some more detail. And I assume that your ISP is correctly routing this address to you. Can you verify this? It's also posssible to have a code rev that supports NAT but doesn't support PAT. See http://www.cisco.com/warp/public/cc...dlit/792_pp.htm for info on NAT packaging and the NAT support page at http://www.cisco.com/pcgi-bin/Suppo...rnetworking:NAT
MadChef | |
|
| hi madcheff,
i thinks the IOS Version is not functionable for NAT and PAT. I hve also tried with a pool of registered IP Addresses but still i cant ping from any host to the internet.
The host is only assigned with one IP internal Address and not with registered IP.
But if i use the static NAT then its function like
ip nat inside source static (internal IP) (registered IP)
And if i use the commands for overloading or even for no-overloading the router accept the commands but not able to translate them.
i dont know.
thanx | |
| daipayan_b 2001-06-21, 5:03 am |
| hi john,
your config seems fine , only change could be in the pool line.
try this
ip nat pool ovrld 213.70.61.130 213.70.61.130 255.255.255.255
It should work.
daipayan | |
|
| hi daipan
try this
ip nat pool ovrld 213.70.61.130 213.70.61.130 255.255.255.255
It should work
I hve tried this with that mask but getting error, cuz of subnetmask is too small for the ovrld.
I also tried with other subnet masks but still not no luck.
But thanx | |
| marinos9 2001-06-21, 11:43 am |
| I've just set up the same senario and your right it didn't work until I identified a ip nat outside parameter
hope this works
CMarinos | |
| MadChef 2001-06-21, 1:21 pm |
| quote:
Originally posted by daipayan_b
try this
ip nat pool ovrld 213.70.61.130 213.70.61.130 255.255.255.255
If he's been assigned a /24 net (which I am assuming because he initially used the prefix-length 24 command), then why would he want to use a 32 bit mask?
MadChef | |
| daipayan_b 2001-06-22, 2:06 am |
| Hi madchief,
the the pat IP we are using is different form the network he must be having ....so the subnet mask is only locally relevent to the PAT IP address....
john ...
i guess the netmask value of 32 bits was a mistake ....try giving the a prefix value of 30 (the highest value excepted)...
It works .......
daipayan | |
| MadChef 2001-06-22, 8:17 am |
| quote:
Originally posted by daipayan_b
the the pat IP we are using is different form the network he must be having ....so the subnet mask is only locally relevent to the PAT IP address....
Sure, but if the PAT address he's using is actually supposed to have a 24 bit mask (again, I'm assuming that's what he wanted to do since he configured it that way first), why change it?
rjohn, are you just labbing this or are you setting it up for real? What mask did the provider give you?
MadChef | |
|
| it is the same mask what provider gave me.
So i hve assigned a 1 to 1 static NAT for each of the Host.
I think the proble was cuz of the IOS. Its just a simple one and not any plus feauture, maybe its not able to do a PAT-
But anyway we r getting a PIX Firewall in next. So then we can do a PAT directly in PIX
so thatswhy dont need to do in a router rightnow.
So i will need some help from u all guys in next cuz of Firewall i sure...
So till then and again "THANKS" |
|
|
|