Question

Locked

Static NAT trouble shooting

By gmat79 ·
Hi This is Murali

From india


I have configured NAT in Router for my office network.Its is working fine...Now i am trying to configure static NAT for my office mail server to access any from outside network.After finish the config i am able to ping the (Mapped)public ip from outside in static NAT.

But once i have checked show access-list i am not getting any hit count in ACL...

Here i am pasting the configuration below...I need any one's help this.

access-list 101 permit ip 192.168.200.0 0.0.0.255 any
access-list 101 permit tcp any host <12.1.2.3> eq smtp
access-list 101 permit tcp any host <12.1.2.3> eq www


ip nat inside source list 101 interface FastEthernet0/1 overload
ip nat inside source static tcp 192.168.200.2 25 <12.1.2.3> 25 extendable
ip nat inside source static tcp 192.168.200.2 80 <12.1.2.3> 80 extendable


ip access-group 101 in


Extended IP access list 101
10 permit ip 192.168.200.0 0.0.0.255 any (147 matches)
20 permit tcp any host <12.1.2.3> eq smtp
30 permit tcp any host <12.1.2.3> eq www

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Its very urgent.....

by gmat79 In reply to Static NAT trouble shooti ...

This is very very urgent some one help me on this......

Collapse -

Move access list up

by SYNner In reply to Static NAT trouble shooti ...

I'm not sure if the routers process static nats top down... Try moving it up and moving the access-list up as well.

Collapse -

one to one? one to many? many to one?

by CG IT In reply to Move access list up

ACLs are processes first to last with last being deny access [implicit deny not shown on the ACL].

what NAT? Are you doing one to one static NAT soley for your email server [private address to one global local address]?

Collapse -

Both overload and One to one

by gmat79 In reply to one to one? one to many? ...

Yes i am performing Both NAT Overloading..as well as performing one to one static NAT for email server.

I i didn't give any ACL i am able to access my email server from outside...

But i want to restrict only through SMTP and HTTp.

For this reason i am giving ACL..

I am guessing problem with only ACL...Because ia m not getting hit count...

For NAT overload i am getting hit count increase in ACL.

Back to Networks Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums