Solved

Wild card setting for NAT

Posted on 2010-08-18
6
801 Views
Last Modified: 2012-05-10
Hi

I put the Ip address for Fast ethernet 0/1

192.168.88.2 and subnet 255.255.255.192

then in NAt, i typed

configure terminal
ip access-list standard NAT_ADDRESS
permit 192.168.88.0 0.0.0.255


but still i is not allowing trafiq to go out side
also i added this line

ip nat inside source list NAT_ADDRESS interface FastEthernet 0/0 overload

and static router has right entry so that trafiq can go out

what i am thinking is bellow line

permit 192.168.88.0 0.0.0.255  -> permit 192.168.88.0 0.0.0.192

can any one please help me
thanks


0
Comment
Question by:fosiul01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 2

Accepted Solution

by:
xephael earned 250 total points
ID: 33464888
The wildcard subnet mask for 255.255.255.192 is 0.0.0.63.

If you need help with NAT I would need to see the entire configuration.
0
 
LVL 29

Author Comment

by:fosiul01
ID: 33465041
why 63 ??

but i think the problem was different

for some reason, it was unable to use dns server of my isp router

but its working now by using

ip access-list standard NAT_ADDRESS
 permit 192.168.88.0 0.0.0.255
!

but why you said to use 63?
0
 
LVL 2

Assisted Solution

by:Paresh Patel
Paresh Patel earned 250 total points
ID: 33465988
While xephael is correct in his comment, 192.168.88.0 0.0.0.255 will work since it includes your subnet, 192.168.88.0/26 (255.255.255.192).

Since your network is 192.168.88.0 255.255.255.192, wildcard mask for ACL should be 0.0.0.63 so it only covers your network and not entire 192.168.88.0 255.255.255.0.
0
[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

 
LVL 2

Expert Comment

by:jimhoodleeds
ID: 33484963
Can you post your config (hash out any confidential bits) and I'll take a look for you?
0
 
LVL 2

Expert Comment

by:xephael
ID: 33492462
"why 63?"

63+192=255 which is the maximum number for an IPv4 octet.  The wildcard is an inverse of a subnet mask.  For example the wildcard of subnet 255.255.255.0 is 0.0.0.255.  The wildcard of subnet 255.255.255.128 is 0.0.0.128.

Hope that makes sense.

Address:      192.168.88.2      11000000.10101000.01011000.00   000010
Netmask:      255.255.255.192 = 26      11111111.11111111.11111111.11   000000
Wildcard:      0.0.0.63      00000000.00000000.00000000.00   111111
Network:      192.168.88.0      11000000.10101000.01011000.00   000000      (Class C)
Broadcast:      192.168.88.63      11000000.10101000.01011000.00   111111
HostMin:      192.168.88.1      11000000.10101000.01011000.00   000001
HostMax:      192.168.88.62      11000000.10101000.01011000.00   111110
Hosts/Net:      62      ( RFC-1918 Private Internet Address. )

0
 
LVL 2

Expert Comment

by:xephael
ID: 33492473
255.255.255.128 is 0.0.0.127 (messed up ;)
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question