Solved

Cisco 1721 - Losing Nat connection

Posted on 2014-12-03
7
137 Views
Last Modified: 2015-01-15
Hi, I have a /29 ip address block. I am configuring my cisco router to be able to do NAT, what happens is that when I do the following config:

no ip http server
ip nat pool nat 66.196.xxx.126 66.196.111.130 netmask 255.255.255.248
ip nat inside source list 1 pool nat overload
ip nat inside source static 192.168.10.4 66.196.xxx.127
ip nat inside source static 192.168.10.5 66.196.xxx.128
ip nat inside source static 192.168.10.6 66.196.xxx.129
ip nat inside source static 192.168.10.7 66.196.xxx.130

when I save this confg and do a show run, only one static address is configured the rest of the static configs are not there, why is this? What can I do to resolve this problem?

Thank you,
a
0
Comment
Question by:aej1973
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 46

Expert Comment

by:Craig Beck
ID: 40480559
You don't need to use the pool if you're doing static mappings.
0
 

Author Comment

by:aej1973
ID: 40480685
Craig, in that case how do I rewrite the following line
ip nat pool nat 66.196.xxx.126 66.196.111.130 netmask 255.255.255.248 ?

Thank you
0
 

Expert Comment

by:Deepak Mittal
ID: 40480965
Could you please send the full config?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40480991
Craig, in that case how do I rewrite the following line
ip nat pool nat 66.196.xxx.126 66.196.111.130 netmask 255.255.255.248 ?
You don't need to.

If I'm understanding what you're wanting to do, you want to give 4 internal hosts a dedicated IP address on the public side of your router?

You have done this by creating a static NAT entry.

I'm assuming you used .126 for the WAN interface?  Therefore the following line:
ip nat inside source list 1 pool nat overload
would be changed to read...
ip nat inside source list 1 interface <WAN_INTERFACE> overload

Open in new window


Replace <WAN_INTERFACE> with whatever is your WAN interface actually is.

When you use a block of addresses like this you don't have to actually tell the router that they're there.  The subnet mask will tell the router that it is on that subnet, then the static NAT entries tell the router that it owns those particular IP addresses.

If you want to NAT-Overload outbound connections in a round-robin fashion by using all your public IPs in a pool you would need to use the pool (as you have already) but I'm guessing that's not what you want.  What this would do is send one connection out using .126, then another connection out using .127, etc, etc.
0
 

Author Comment

by:aej1973
ID: 40481653
Craig, my config is exactly what you have stated. I just need all my network traffic to go out of .126 and I am going to NAT 4 of my routers in my LAN via addresses .127 to 130. Yes, .126 is my WAN interface.

When I run the command you mentioned,
#ip nat inside source list 1 interface 66.196.xxx.126 I get the following error:

% Invalid input detected at '^' marker.
 
Where the marker point to the word 'inside". What could be the problem?

Thanks for the help.

A
0
 

Author Comment

by:aej1973
ID: 40483612
I was able to map the interface. I am running some test and will keep you posted. Thank you very much for the help!

A
0
 

Author Closing Comment

by:aej1973
ID: 40551062
Thanks Craig, this solution worked.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question