Wild card setting for NAT


I put the Ip address for Fast ethernet 0/1 and subnet

then in NAt, i typed

configure terminal
ip access-list standard NAT_ADDRESS

but still i is not allowing trafiq to go out side
also i added this line

ip nat inside source list NAT_ADDRESS interface FastEthernet 0/0 overload

and static router has right entry so that trafiq can go out

what i am thinking is bellow line

permit  -> permit

can any one please help me

LVL 29
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

xephaelConnect With a Mentor Commented:
The wildcard subnet mask for is

If you need help with NAT I would need to see the entire configuration.
fosiul01Author Commented:
why 63 ??

but i think the problem was different

for some reason, it was unable to use dns server of my isp router

but its working now by using

ip access-list standard NAT_ADDRESS

but why you said to use 63?
Paresh PatelConnect With a Mentor Network ArchitectCommented:
While xephael is correct in his comment, will work since it includes your subnet, (

Since your network is, wildcard mask for ACL should be so it only covers your network and not entire
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Can you post your config (hash out any confidential bits) and I'll take a look for you?
"why 63?"

63+192=255 which is the maximum number for an IPv4 octet.  The wildcard is an inverse of a subnet mask.  For example the wildcard of subnet is  The wildcard of subnet is

Hope that makes sense.

Address:      11000000.10101000.01011000.00   000010
Netmask: = 26      11111111.11111111.11111111.11   000000
Wildcard:      00000000.00000000.00000000.00   111111
Network:      11000000.10101000.01011000.00   000000      (Class C)
Broadcast:      11000000.10101000.01011000.00   111111
HostMin:      11000000.10101000.01011000.00   000001
HostMax:      11000000.10101000.01011000.00   111110
Hosts/Net:      62      ( RFC-1918 Private Internet Address. )

xephaelCommented: is (messed up ;)
All Courses

From novice to tech pro — start learning today.