Question

Locked

Anyone have global inside ip ping issues when nat outside is applied ?

By proxystub ·
Hi there

recently went from an ADSL internet service to an IPVPN internet service.

Having issues with pinging the global ip provided by the new ISP WHEN "ip nat outside" is applied to the outside interface on my 2811 router.

When i dont attempt to do translation of inside lan ips to the inside global ip ie there is no "ip nat outside" on the outside interface i can ping the golbal inside ip from the routers cli and from the internet.

Once i apply "ip nat outside" i cant ping the ip from the routers CLI or see it from the internet. However my lan ips can access the internet just fine.

put simply, whenever nat is applied the router cant ping its own global ip on the outside interface.

anyone have similar problems ? .

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Your terminiology is not consistent

by Spitfire_Sysop In reply to Anyone have global inside ...

Read your post again. Inside global means you are not using NAT and you have publicly routable IPs inside your network. When you use NAT(or PAT to be correct) you have one Outside Global address and a bunch of inside local addresses that are private. When you use "ip nat outside" you are setting 1-1 NAT so that the outside global maps to an inside local. This means that a ping would be answered by the computer on the inside and not the router itself as the router would pass the ping on to the address in the outside NAT table. Instead of this setup most people use 1 to many NAT(or PAT) and they use port forwards to map internal services.

Most people also want to block ICMP at the gateway.

Read this:
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094837.shtml

Collapse -

Reponse To Answer

by proxystub In reply to Your terminiology is not ...

Hi there

Yes i have a valid public IP address 202.xxx.xxx.xxx on my outside interface.

interface FastEthernet0/0/0
ip address 202.xxx.xxx.xxx 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto

this is being natted using the overload method

ip nat inside source list 100 interface FastEthernet0/0/0 overload

Collapse -

SOLVED

by proxystub In reply to Anyone have global inside ...

buggy IOS version 15.1(3)T2

Back to Networks Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums