<div dir="ltr"><div><div><div>Dear Sebastian,<br></div> I will try it even i tried many but without success, is the reason that the WAN IP is the same as the one used for nat pool.<br><br></div>Can
i use the same WAN IP for nat pool or i must use different one and if
there any other solutions to solve this if i couldn't get another WAN
IP.<br><br>Best Regards,<br></div> Mosab</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Jul 31, 2013 at 2:46 PM, Sebastian Podjasek <span dir="ltr"><<a href="mailto:sebastian@podjasek.pl" target="_blank">sebastian@podjasek.pl</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>W dniu 30.07.2013 13:26, Mosab Messad
pisze:<br>
</div><div class="im">
<blockquote type="cite">
<div dir="ltr">Dears ,<br>
Kindly your support i am not able to have the NAT working on my
SE router, the configuration as below kindly advice ASAP please.<br>
--------------------<br>
<br>
context internet<br>
!<br>
no ip domain-lookup<br>
!<br>
ip nat pool NAT_pool napt multibind<br>
address <a href="http://66.150.66.131/32" target="_blank">66.150.66.131/32</a> port-block
1 to 15<br>
!<br>
nat policy NAT_policy<br>
pool NAT_pool internet<br>
timeout tcp 18000<br>
endpoint-independent filtering udp</div>
</blockquote>
<br></div>
Start with changing your nat pool address to something not bound to
any interface, later try to change your config to something similar:<br>
<br>
<pre>!
ip nat pool nat-pool1 napt multibind
address X.X.X.X/32 port-block 1 to 15
!
nat policy nat-policy1
! Default class
ignore
endpoint-independent filtering udp
icmp-notification
! Named classes
access-group nat-acl
class nat-class
pool nat-pool1 <<context>>
timeout tcp 18000
timeout udp 60
timeout fin-reset 60
timeout icmp 30
timeout syn 60
admission-control tcp
admission-control udp
admission-control icmp
endpoint-independent filtering udp
no icmp-notification
!
policy access-list nat-acl
! no nat for local transfers
seq 1000 permit icmp 10.180.0.0 0.0.255.255 10.180.0.0 0.0.255.255 class lan-class
seq 1001 permit udp 10.180.0.0 0.0.255.255 10.180.0.0 0.0.255.255 class lan-class
seq 1002 permit tcp 10.180.0.0 0.0.255.255 10.180.0.0 0.0.255.255 class lan-class
! nat everyting else
seq 2100 permit icmp 10.180.0.0 0.0.255.255 any class nat-class
seq 2200 permit udp 10.180.0.0 0.0.255.255 any class nat-class
seq 2300 permit tcp 10.180.0.0 0.0.255.255 any class nat-class
</pre><span class="HOEnZb"><font color="#888888">
<br>
<pre cols="72">--
Sebastian Podjasek
</pre>
</font></span></div>
<br>_______________________________________________<br>
redback-nsp mailing list<br>
<a href="mailto:redback-nsp@puck.nether.net">redback-nsp@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/redback-nsp" target="_blank">https://puck.nether.net/mailman/listinfo/redback-nsp</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div dir="ltr"><div><b style="color:rgb(51,51,51)">Best Regards</b><span style="color:rgb(51,51,51)">,</span><br style="color:rgb(51,51,51)"><b style="color:rgb(51,51,51);font-family:comic sans ms,sans-serif"> Mosab I. Messad</b><span style="color:rgb(51,51,51);font-family:comic sans ms,sans-serif"> </span></div>
<div><div dir="ltr"><span style="color:rgb(51,51,51);font-family:comic sans ms,sans-serif"></span><span style="color:rgb(51,51,51);font-family:comic sans ms,sans-serif"> Mobile: +966509006393</span></div></div></div>
</div>