Hi everyone,
I'm trying to test a inside and outside nat, in the specific I'am following this links:
http://blog.ine.com/2008/02/15/the-inside-and-outside-of-nat/
My configuration is specular with Petr Lapukhov
however what ever I do doesn't trigger the NAT if I started connection from side outside
please take a look at my config below , appreciate it if anyone can advise if something is wrong with my config:
R3#sh ip na tr
Pro Inside global Inside local Outside local Outside global
--- --- --- 155.1.13.2 155.1.23.2
--- 155.1.23.1 155.1.13.1 --- ---
R3#sh ip na st
Total active translations: 2 (2 static, 0 dynamic; 0 extended)
Outside interfaces:
Serial1/0.302
Inside interfaces:
Serial1/0.301
Hits: 0 Misses: 0
CEF Translated packets: 0, CEF Punted packets: 10
Expired translations: 0
Dynamic mappings:
Queued Packets: 0
R3#sh fram ma
Serial1/0.302 (up): ip 155.1.23.2 dlci 302(0x12E,0x48E0), static,
CISCO, status defined, active
Serial1/0.301 (up): point-to-point dlci, dlci 301(0x12D,0x48D0), broadcast
status defined, active
R3#
R1#sh fram ma
Serial0/0.103 (up): point-to-point dlci, dlci 103(0x67,0x1870), broadcast
status defined, active
R2#sh fram ma
Serial0/0.203 (up): ip 155.1.23.2 dlci 203(0xCB,0x30B0), static,
CISCO, status defined, active
Serial0/0.203 (up): ip 155.1.23.3 dlci 203(0xCB,0x30B0), static,
CISCO, status defined, active
The wan connected to R3 are working well, ping is ok.
I do not know if I have met some bug, neverthless the list IOS are strighforward:
R1# sh ve | i IO
Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(10), RELEASE SOFTWARE (fc1)
R2#sh ve | i IO
Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(10), RELEASE SOFTWARE (fc1)
R3#sh ve | i IO
Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(10), RELEASE SOFTWARE (fc1)
In short If I started from R2(outside) and I make ping toward Inside global output to NAT ROUTER is empty, while if I started to R1(Inside) e I make ping toward outside local something happens:
R3(config)#
*Mar 1 00:13:56.799: IP: tableid=0, s=155.1.13.1 (Serial1/0.301), d=155.1.13.2 (Serial1/0.302), routed via RIB
*Mar 1 00:13:56.799: NAT: i: icmp (155.1.13.1, 2) -> (155.1.13.2, 2) [10]
*Mar 1 00:13:56.799: NAT: s=155.1.13.1->155.1.23.1, d=155.1.13.2 [10]
*Mar 1 00:13:56.799: NAT: s=155.1.23.1, d=155.1.13.2->155.1.23.2 [10]
*Mar 1 00:13:56.799: IP: s=155.1.23.1 (Serial1/0.301), d=155.1.23.2 (Serial1/0.302), g=155.1.23.2, len 100, forward
*Mar 1 00:13:56.803: ICMP type=8, code=0
R3(config)#
*Mar 1 00:17:28.502: IP: tableid=0, s=155.1.13.1 (Serial1/0.301), d=155.1.13.2 (Serial1/0.302), routed via RIB
Here nat is in input
*Mar 1 00:17:28.502: NAT: i: tcp (155.1.13.1, 17317) -> (155.1.13.2, 23) [22007]
*Mar 1 00:17:28.502: NAT: s=155.1.13.1->155.1.23.1, d=155.1.13.2 [22007]
*Mar 1 00:17:28.502: NAT: s=155.1.23.1, d=155.1.13.2->155.1.23.2 [22007]
*Mar 1 00:17:28.502: IP: s=155.1.23.1 (Serial1/0.301), d=155.1.23.2 (Serial1/0.302), g=155.1.23.2, len 44, forward
*Mar 1 00:17:28.506: TCP src=17317, dst=23, seq=55532950, ack=0, win=4128 SYN
Furthemore It seem that NAT install alias dynamic, hence R3 should respond to echo request.
R3#sh ip ali
Address Type IP Address Port
Dynamic 155.1.23.1
Interface 155.1.23.3
Interface 155.1.13.3
Dynamic 155.1.13.2
I have written follow 2 static route, but nothing It was change
ip route 155.1.13.2 255.255.255.255 155.1.23.2
ip route 155.1.23.1 255.255.255.255 155.1.13.1
Sorry for my english, and let me know If I do a obvious error.