RE: static NAT problem

From: Mati Gil (mgil@servicom2000.com)
Date: Tue Apr 16 2002 - 04:21:05 EDT


Try to exclude from access-list 10 IP addresses 192.168.100.127 and
192.168.100.128.
You can also replace it with an extended ACL to just exclude these IP
addresses when going to your mail servers.
Mati

-----Mensaje original-----
De: Nick [mailto:nick@arc.net.my]
Enviado el: martes, 16 de abril de 2002 10:16
Para: cisco-nsp@puck.nether.net
Asunto: static NAT problem

We have a customer who we connect via an Ethernet in-building WAN link.
Their internal network is on a private IP scheme and have been allocated a
/28 global IP range. The customer is utilizing these global IPs for static
mappings for their mail servers. This global block is tied to a loopback
interface created.

The internal LAN PCs can access the Internet via a NAT/PAT overload
statement on the Lo0 interface. However the static NAT translations for the
mail servers don't seem to be working. We cannot ping or establish an SMTP
session.

Followed and modified slightly from /cisco/docs/technotes. Any ideas what is
going on/

Thanks in advance.

-nick/

--------------8<------------------------

interface Loopback0
 ip address 200.100.242.161 255.255.255.240
 ip nat outside
!
interface Ethernet0
description *** Ethernet WAN link ***
 ip address 200.100.233.218 255.255.255.252
 ip nat outside
!
interface Ethernet1
 description *** Internal LAN ***
 ip address 192.168.100.2 255.255.255.0
 ip nat inside
!
ip nat inside source list 10 interface Loopback0 overload
!
! *** static NAT mappings for mail servers ***
ip nat inside source static 192.168.100.127 200.100.242.168
ip nat inside source static 192.168.100.128 200.100.242.169
!
ip route 0.0.0.0 0.0.0.0 Ethernet0



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:12 EDT