Firewall Wizards mailing list archives
NAT on Cisco IOS weirdness
From: Transistor Sister <raven () kalypso cybercom net>
Date: Tue, 9 Feb 1999 12:44:52 -0500 (EST)
Greetings-- My attempts at configuring NAT on a 2611 running IOS 11.3 have been in vain. The following is a dump of my config: ip nat pool natpool 207.xxx.xxx.5 207.xxx.xxx.5 netmask 255.255.255.0 ip nat inside source list 1 pool natpool overload interface Ethernet0/0 ip address 207.xxx.xx.1 255.255.255.0 ip nat outside interface Ethernet0/1 ip address 10.0.0.204 255.0.0.0 ip nat inside access-list 1 permit 10.0.0.0 0.0.0.255 With this configuration in place, I am fully able to make connections from a net 10 box behind the router to systems on my DMZ (207.xxx.xxx.xxx addresses) with the .5 translated global address. However, all connections to hosts outside of my public network using the same box get refused with messages such as: Feb 4 21:23:04 remotehost in.telnetd[9096]: refused connect from unknown Feb 4 21:24:06 remotehost in.telnetd[9101]: warning: can't get client address: No route to host What am I missing here? Thanks in advance for any help. .Sarah
Current thread:
- NAT on Cisco IOS weirdness Transistor Sister (Feb 10)