Wild card setting for NAT


I put the Ip address for Fast ethernet 0/1 and subnet

then in NAt, i typed

configure terminal
ip access-list standard NAT_ADDRESS

but still i is not allowing trafiq to go out side
also i added this line

ip nat inside source list NAT_ADDRESS interface FastEthernet 0/0 overload

and static router has right entry so that trafiq can go out

what i am thinking is bellow line

permit  -> permit

can any one please help me

LVL 29
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

The wildcard subnet mask for is

If you need help with NAT I would need to see the entire configuration.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
fosiul01Author Commented:
why 63 ??

but i think the problem was different

for some reason, it was unable to use dns server of my isp router

but its working now by using

ip access-list standard NAT_ADDRESS

but why you said to use 63?
Paresh PatelNetwork ArchitectCommented:
While xephael is correct in his comment, will work since it includes your subnet, (

Since your network is, wildcard mask for ACL should be so it only covers your network and not entire
Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

Can you post your config (hash out any confidential bits) and I'll take a look for you?
"why 63?"

63+192=255 which is the maximum number for an IPv4 octet.  The wildcard is an inverse of a subnet mask.  For example the wildcard of subnet is  The wildcard of subnet is

Hope that makes sense.

Address:      11000000.10101000.01011000.00   000010
Netmask: = 26      11111111.11111111.11111111.11   000000
Wildcard:      00000000.00000000.00000000.00   111111
Network:      11000000.10101000.01011000.00   000000      (Class C)
Broadcast:      11000000.10101000.01011000.00   111111
HostMin:      11000000.10101000.01011000.00   000001
HostMax:      11000000.10101000.01011000.00   111110
Hosts/Net:      62      ( RFC-1918 Private Internet Address. )

xephaelCommented: is (messed up ;)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.