Static NAT Cisco 1605r

Posted on 2003-03-21
Medium Priority
Last Modified: 2010-03-19

I am trying to statically NAT 4 IP's thru a Cisco 1605

Below is my configuration, passwords and IP's changed to protect the

Now when I bring this online I am able to get out to the internet from
all machines except (  I am also able to ping all
machines from the outside EXCEPT   I also have a problem
going from an internal machine to a NAT'd external IP... ie will produce a page cannot be displayed error, from an
internal machine. I seem to recall some kind of loop problem.  I have verified
the internal machines configuration, gateway, ip etc...  Any
help would be greatly appreciated.  If you need clarification please


version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname Cisco1605
enable password 7 123456
ip subnet-zero
no ip domain-lookup
interface Ethernet0
description connected to Cisco1548
ip address
no ip directed-broadcast
ip nat inside
interface Ethernet1
description connected to Internet
ip address
no ip directed-broadcast
ip nat outside
interface Serial0
no ip address
no ip directed-broadcast
no ip mroute-cache
router rip
version 2
passive-interface Ethernet1
no auto-summary
ip nat inside source list 1 interface Ethernet1 overload
ip nat inside source static
ip nat inside source static
ip nat inside source static
ip nat inside source static
ip classless
ip route Ethernet1
access-list 1 permit
line con 0
exec-timeout 0 0
password 7 123456
transport input none
line vty 0 4
password 7 123456
Question by:usbenny
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 79

Accepted Solution

lrmoore earned 225 total points
ID: 8184605
> I also have a problem
> going from an internal machine to a NAT'd external IP... ie will produce a page cannot be displayed error,

Working as designed.

Change your access-list 1 to prevent these static systems from using the nat pool/interface:

access-list 1 deny
access-list 1 deny
access-list 1 deny
access-list 1 deny
access-list 1 permit

be sure to clear the xlates:
router#clear ip nat trans *


Author Comment

ID: 8190601
Thank-you for the answer.  I added the entries and it made no difference for whatever reason.  However I got around this problem by changing my DNS to internal IP's since Cisco translates the IP's in DNS requests for statically NAT'd IP's.

I also solved the first problem.  Turns out that a Cisco ubr900 router in front of the 1605R had cached the MAC of a previous host.  After rebooting the ubr900 everything was hunky-dory! ;)


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question