[rbak-nsp] NATting not working on my SmartEdge router

Mosab Messad mosab.messad at gmail.com
Thu Aug 1 02:52:17 EDT 2013 

Dear Sebastian,
  I will try it even i tried many but without success, is the reason that
the WAN IP is the same as the one used for nat pool.

Can i use the same WAN IP for nat pool or i must use different one and if
there any other solutions to solve this if i couldn't get another WAN IP.

Best Regards,
 Mosab


On Wed, Jul 31, 2013 at 2:46 PM, Sebastian Podjasek
<sebastian at podjasek.pl>wrote:

>  W dniu 30.07.2013 13:26, Mosab Messad pisze:
>
> Dears ,
>  Kindly your support i am not able to have the NAT working on my SE
> router, the configuration as below kindly advice ASAP please.
> --------------------
>
> context internet
> !
>  no ip domain-lookup
> !
> ip nat pool NAT_pool napt multibind
>   address 66.150.66.131/32 port-block 1 to 15
> !
> nat policy NAT_policy
>   pool NAT_pool internet
>   timeout tcp 18000
>   endpoint-independent filtering udp
>
>
> Start with changing your nat pool address to something not bound to any
> interface, later try to change your config to something similar:
>
> !
>  ip nat pool nat-pool1 napt multibind
>   address X.X.X.X/32 port-block 1 to 15
> !
>  nat policy nat-policy1
> ! Default class
>   ignore
>   endpoint-independent filtering udp
>   icmp-notification
> ! Named classes
>   access-group nat-acl
>    class nat-class
>     pool nat-pool1 <<context>>
>     timeout tcp 18000
>     timeout udp 60
>     timeout fin-reset 60
>     timeout icmp 30
>     timeout syn 60
>     admission-control tcp
>     admission-control udp
>     admission-control icmp
>     endpoint-independent filtering udp
>     no icmp-notification
> !
>  policy access-list nat-acl
> ! no nat for local transfers
>   seq 1000 permit icmp 10.180.0.0 0.0.255.255 10.180.0.0 0.0.255.255 class lan-class
>   seq 1001 permit udp 10.180.0.0 0.0.255.255 10.180.0.0 0.0.255.255 class lan-class
>   seq 1002 permit tcp 10.180.0.0 0.0.255.255 10.180.0.0 0.0.255.255 class lan-class
> ! nat everyting else
>   seq 2100 permit icmp 10.180.0.0 0.0.255.255 any class nat-class
>   seq 2200 permit udp 10.180.0.0 0.0.255.255 any class nat-class
>   seq 2300 permit tcp 10.180.0.0 0.0.255.255 any class nat-class
>
>
>
> --
> Sebastian Podjasek
>
>
> _______________________________________________
> redback-nsp mailing list
> redback-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/redback-nsp
>
>


-- 
*Best Regards*,
* Mosab I. Messad*
  Mobile: +966509006393
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20130801/f4a6092e/attachment.html>

More information about the redback-nsp mailing list