Cisco router running NAT refuses to let certain hosts through

Problem: Some but not all hosts on a network are able to access the Internet via a Cisco router running Network Address Translation (NAT).
When trying to ping/traceroute hosts on the Internet, the router returns "host unreachable".
There are no access-lists, or the access-lists have been double-checked to make sure they're not blocking valid traffic.

Solution: Verify that overloading is enabled. Without the overload keyword, each inside host takes a whole pool address for itself, so the NAT mechanism can only support N simultaneous hosts, where N is the size of your ip nat pool. With overload, many inside hosts share one address and are told apart by port number.
Since NAT can be configured in many ways, I will not go into the full setup here, but instead show you a few variants of the config line in question.
Example 1:
"ip nat inside source route-map nonat pool mynatpool"
Use instead:
"ip nat inside source route-map nonat pool mynatpool overload"
Example 2:
"ip nat inside source list 10 pool mynatpool"
Use instead:
"ip nat inside source list 10 pool mynatpool overload"
Example 3:
"ip nat inside source route-map nonat interface Serial0"
Use instead:
"ip nat inside source route-map nonat interface Serial0 overload"
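
To check a saved configuration for this problem, the following added example (not part of the original article) scans running-config text for dynamic NAT rules that lack overload and reports how many simultaneous hosts each one can serve. The sample configuration, its addresses and the function names are constructed for illustration; an interface rule is assumed to offer a single address, and only single-line pool definitions are handled.

```python
import ipaddress
import re

# Constructed sample running-config fragment (documentation address ranges).
SAMPLE_CONFIG = """\
ip nat pool mynatpool 192.0.2.10 192.0.2.13 netmask 255.255.255.0
ip nat inside source list 10 pool mynatpool
ip nat inside source route-map nonat interface Serial0 overload
ip nat inside source static 10.0.0.5 192.0.2.50
"""

# "ip nat pool NAME START END netmask|prefix-length VALUE"
POOL_RE = re.compile(
    r"^ip nat pool (\S+) (\S+) (\S+) (?:netmask|prefix-length) \S+", re.M)
# Dynamic rules only; static one-to-one mappings never take "overload".
RULE_RE = re.compile(
    r"^ip nat inside source (?:list|route-map) \S+ (pool|interface) (\S+)(.*)$",
    re.M)


def pool_sizes(config):
    """Return {pool name: number of addresses in its start-end range}."""
    sizes = {}
    for name, start, end in POOL_RE.findall(config):
        first = int(ipaddress.IPv4Address(start))
        last = int(ipaddress.IPv4Address(end))
        sizes[name] = last - first + 1
    return sizes


def find_non_overloaded(config):
    """Return [(rule line, max simultaneous hosts)] for rules without overload.

    The capacity is the pool size N for pool rules, 1 for interface rules
    (assumption: one address on the interface), and None when the rule
    references a pool that is not defined in the given text.
    """
    sizes = pool_sizes(config)
    findings = []
    for match in RULE_RE.finditer(config):
        kind, target, rest = match.groups()
        if "overload" in rest.split():
            continue  # translations share addresses by port, no host limit
        capacity = sizes.get(target) if kind == "pool" else 1
        findings.append((match.group(0).strip(), capacity))
    return findings


if __name__ == "__main__":
    for line, capacity in find_non_overloaded(SAMPLE_CONFIG):
        print(f"no overload, at most {capacity} host(s): {line}")
```
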
This is free technical advice without any warranties.
Use at your own risk. Solutions offered may not apply to your particular problem at all.
Opinions and views expressed in the articles are the authors' own
and may not necessarily reflect or coincide with those of Ano-Tech Computers.
We take no responsibility if anything bad happens from following any of
the instructions given. If you don't understand and accept this, please
contact us for personal assistance instead.
To read our full disclaimer, go
here.
We welcome anyone who is willing to contribute to this public knowledge base,
contact siteadmin@atc.no
if you have information you would like to share. The idea is not to replace
the commercial support sites, but to publish those hard-to-find
solutions you've found yourself looking for over and over again.