Solved

Cisco 2600 router configuration problem - router is performing port address translation, rather than network address translation using the natpool of internet addresses.

Posted on 2006-05-02
Last Modified: 2010-08-05
We have a relatively simple wan/vpn setup, with a set of 2610 routers and 1 1720 router, plus a Pix 515 at our main office behind another 2610.  Recently, we've been getting notices from our ISP saying there is beagle worm traffic coming from a computer at one of our locations, and gives me an i.p. address to follow up with.  Much to my chagrin, however, when I look at the ip nat translation table on the router, it appears to be doing port address translation, rather than network address translation, using the first ip address from the natpool (i.e. everyone is using the 1 address, even though we have some 200+ addresses in the natpool available).  I'm looking for some help in remedying the config (which, incidentally, was originally configured by an outside vendor, so it's not my fault! :-) so that the router will begin using a unique address from the natpool for each pc going out to the internet.  I've copied in below what I believe to be the applicable part of one config, hoping for some input on what needs changing....thanks in advance!

ip nat pool Daytona-natpool-1 65.115.155.15 65.115.155.254 netmask 255.255.255.0
ip nat inside source route-map nonat pool Daytona-natpool-1 overload

The offending ip address being reported by our isp is the 65.115.155.15 address, and if you look at the ip nat translation table on the router, everybody is using that address.
Question by:atyar
6 Comments

Expert Comment

by:grsteed
ID: 16587348
If you remove "overload" from the following line it will not do PAT.

ip nat inside source route-map nonat pool Daytona-natpool-1 overload

Cheers,

Gary


Author Comment

by:atyar
ID: 16587386
Funny - I had that thought while I was waiting for an answer, and went to try that change.  It's telling me 'Dynamic mapping in use - cannot change'.  Any idea how I can get in there and change it?
Thanks!

Expert Comment

by:grsteed
ID: 16587397
Also issue the command "clear ip nat trans" to remove existing PAT connections.  You may want to do a "show ip nat trans" prior to clearing to see what you have and maybe wait until a non-peak time to minimize disruptions.

Gary

Accepted Solution

by:
grsteed earned 1000 total points
ID: 16587421
You need to do "no ip nat inside" command, then try making your change.

Gary

Author Comment

by:atyar
ID: 16587530
Got it -
1) remove the ip nat inside from the ethernet0/0 interface
2) clear ip nat translation *
3) change the config to eliminate 'overload'
4) re-add the ip nat inside on ethernet0/0

bada boom - using nat again....
Thanks!

Expert Comment

by:grsteed
ID: 16587571
Great!!! Glad I could help!!

Gary

Question has a verified solution.
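
The attribution problem in this thread (the ISP reports one public address, but with "overload" every inside host shares it) can be checked from saved "show ip nat translations" output. The script below is an added example, not code from the thread: the sample rows are constructed, the inside 10.1.1.x hosts and outside addresses are placeholders, and filtering on destination port 25 assumes the reported worm traffic is outbound SMTP.

```python
from collections import Counter, defaultdict

# Constructed sample in the "show ip nat translations" column layout.
# Only 65.115.155.15/.16 come from the thread's pool; the rest is illustrative.
SAMPLE = """\
Pro Inside global      Inside local       Outside local      Outside global
tcp 65.115.155.15:1024 10.1.1.21:1024     192.0.2.25:25      192.0.2.25:25
tcp 65.115.155.15:1025 10.1.1.34:3312     192.0.2.25:25      192.0.2.25:25
tcp 65.115.155.15:1026 10.1.1.34:3313     198.51.100.7:25    198.51.100.7:25
tcp 65.115.155.15:1027 10.1.1.50:2200     203.0.113.9:80     203.0.113.9:80
--- 65.115.155.16      10.1.1.60          ---                ---
"""

def parse_translations(text):
    """Return one dict per translation row; the header and odd lines are skipped."""
    rows = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) != 5 or cols[0] == "Pro":
            continue
        proto, inside_global, inside_local, _outside_local, outside_global = cols
        rows.append({
            "proto": proto,
            "global": inside_global.partition(":")[0],
            "local": inside_local.partition(":")[0],
            # Port-less rows (plain one-to-one NAT) have no destination port.
            "dst_port": outside_global.partition(":")[2] or None,
        })
    return rows

def shared_globals(rows):
    """Public addresses used by more than one inside host, i.e. PAT in effect."""
    hosts = defaultdict(set)
    for r in rows:
        hosts[r["global"]].add(r["local"])
    return {g: sorted(h) for g, h in hosts.items() if len(h) > 1}

def talkers_to_port(rows, port):
    """Count translations per inside host toward a given outside port."""
    return Counter(r["local"] for r in rows if r["dst_port"] == str(port))

if __name__ == "__main__":
    rows = parse_translations(SAMPLE)
    for addr, hosts in shared_globals(rows).items():
        print(f"{addr} is shared by {len(hosts)} inside hosts: {', '.join(hosts)}")
    for host, n in talkers_to_port(rows, 25).most_common():
        print(f"{host}: {n} translation(s) to port 25")
```

Capture the table before running "clear ip nat translation *", since clearing discards the only mapping between the reported public address and the inside hosts.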