[c-nsp] Cannot get little soho91 to NAT
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Thu Oct 28 01:45:51 EDT 2004
> It has quite a few other people at my work confused, and people on
> another cisco forum.
>
> (192.168.0.128)Host----Soho91-----Gateway (to internet) 10.0.105.254
>
> Inital info: The soho can traceroute to any host on the net, can
> resolve dns, so it has full connectivity. Almost this exact config
> works when I am using pppoe on Eth1 for the ip assignment instead of
> this static setup.
>
> The host cannot get past the soho at all. When I do a "debug ip nat
> detailed" I get a lot of these:
> *Mar 1 00:25:25.235: NAT*: Can't create new inside entry -
> forced_punt_flags: 0
> *Mar 1 00:25:26.243: NAT*: Can't create new inside entry -
> forced_punt_flags: 0
> *Mar 1 00:25:28.263: NAT*: Can't create new inside entry -
> forced_punt_flags: 0
> *Mar 1 00:25:30.271: NAT*: Can't create new inside entry -
> forced_punt_flags: 0
>
> Any idea what is going on? Here is the config:
which IOS release are you using?
Can you try to remove the "log" option in your ACL used for NAT, i.e.
no access-list 2
access-list 2 permit 192.168.0.0 0.0.0.128
Are you sure about the wildcard 0.0.0.128? Don't you want your whole E0
nat'ed?
There's CSCed14457 (integrated in 12.3(07.04)T 012.003(007.004)), not
sure if this is the culprit..
oli
More information about the cisco-nsp
mailing list