More NAT

alliasneoalliasneo Member Posts: 186

Hey everyone,

I've got the topology above and have assigned dynamic NAT to the router illustrated. My question is how would I assign dynamic NAT on the other router? I have tried to add it on and I ping from 172.168.0.1 on the right and it goes across and gets translated and reaches the other PC but when the ping comes back the router on the left changes the source IP from 192.168.0.x to the dynamic NAT I have listed on the router.
-Then when the router on the right get's the ping it has a source on 20.0.0.x so sends it back to that router again.

I have taken my dynamic entries off of the router on the left and now everything works ok.

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    The source shouldn't make it get routed back. A router routes based on destination address, not source.
    An expert is a man who has made all the mistakes which can be made.
  • alliasneoalliasneo Member Posts: 186
    Hi,

    I'm struggling still with this NAT set up for Dynamic NAT. I've recorded a short video which hopefully will make it a bit clearer with what I'm having problems with. Sorry about the quality but this was the quickest way to film it. I have also included my config below:

    If I remove NAT completely from the router on the right then it's all OK but if I add dynamic or in this case PAT (Overload) it doesn't seem to work?

    NAT Query - YouTube



    Router on the left:


    R1#sh run
    Building configuration...


    Current configuration : 1265 bytes
    !
    version 12.2
    no service timestamps log datetime msec
    no service timestamps debug datetime msec
    no service password-encryption
    !
    hostname R1
    !
    !
    !
    enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
    !
    !
    !
    ip dhcp pool 192.168.0.0/24
    network 192.168.0.0 255.255.255.0
    default-router 192.168.0.254
    !
    !
    !
    username R2 password 0 cisco
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface FastEthernet0/0
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet0/0.10
    encapsulation dot1Q 10
    ip address 192.168.0.254 255.255.255.0
    ip access-group 10 in
    ip nat inside
    !
    interface FastEthernet1/0
    no ip address
    duplex auto
    speed auto
    shutdown
    !
    interface Serial2/0
    ip address 20.0.0.1 255.255.255.0
    encapsulation ppp
    ppp authentication chap
    ip nat outside
    clock rate 64000
    !
    interface Serial3/0
    no ip address
    shutdown
    !
    interface FastEthernet4/0
    no ip address
    shutdown
    !
    interface FastEthernet5/0
    no ip address
    shutdown
    !
    router ospf 1
    log-adjacency-changes
    network 192.168.0.0 0.0.0.255 area 0
    network 20.0.0.0 0.0.0.255 area 0
    !
    ip nat pool NAT 20.0.0.50 20.0.0.60 netmask 255.255.255.0
    ip nat inside source list 10 pool CHELTNAT
    ip classless
    !
    !
    access-list 10 permit 192.168.0.0 0.0.0.255
    !
    !
    !
    !
    !
    line con 0
    line vty 0 4
    password cisco
    login
    !
    !
    !
    end




    Router on the right:



    R2#sh run
    Building configuration...


    Current configuration : 1171 bytes
    !
    version 12.2
    no service timestamps log datetime msec
    no service timestamps debug datetime msec
    no service password-encryption
    !
    hostname R2
    !
    !
    !
    !
    !
    ip dhcp pool 172.168.0.0/24
    network 172.168.0.0 255.255.255.0
    default-router 172.168.0.254
    !
    !
    !
    username R1 password 0 cisco
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface FastEthernet0/0
    no ip address
    ip nat inside
    duplex auto
    speed auto
    !
    interface FastEthernet0/0.20
    encapsulation dot1Q 20
    ip address 172.168.0.254 255.255.255.0
    ip access-group 1 in
    ip nat inside
    !
    interface FastEthernet1/0
    no ip address
    duplex auto
    speed auto
    shutdown
    !
    interface Serial2/0
    ip address 20.0.0.2 255.255.255.0
    encapsulation ppp
    ppp authentication chap
    ip nat outside
    !
    interface Serial3/0
    no ip address
    shutdown
    !
    interface FastEthernet4/0
    no ip address
    shutdown
    !
    interface FastEthernet5/0
    no ip address
    shutdown
    !
    router ospf 1
    log-adjacency-changes
    network 172.168.0.0 0.0.0.255 area 0
    network 20.0.0.0 0.0.0.255 area 0
    !
    ip nat inside source list 1 interface Serial2/0 overload
    ip classless
    !
    !
    access-list 1 permit 172.168.0.0 0.0.0.255
    access-list 1 permit any
    !
    !
    !
    !
    !
    line con 0
    line vty 0 4
    login
    !
    !
    !
    end
  • fsanyeefsanyee Member Posts: 171
    hm... Why are you using access-list on the interfaces?
    When you create an access-list for NAT, you don't have to assign it to any interface.
    If you create a nat pool with a name NAT, why are you use something else on the other line?
Sign In or Register to comment.