Jump to content
Калькуляторы

cisco не работает nat

Reply to this topic

elyor   

elyor
Posted

здравствуйте всем. тут такая проблема, не работает нат, точнее работает только на icmp, на остальное нет.

в чём может быть проблема?

!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
service sequence-numbers
!
hostname warland
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
no logging console
!
no aaa new-model
!
resource policy
!
clock timezone Karachi 5
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
no ip dhcp use vrf connected
!
!
no ip ips deny-action ips-interface
no ip bootp server
ip domain name edu.uz
ip name-server x.x.x.x
ip name-server y.y.y.y
!
!
!
!
!
! 
!
!
!
interface Null0
no ip unreachables
!
interface Loopback0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
no snmp trap link-status
!
interface FastEthernet0/0
no ip address
no ip proxy-arp
duplex auto
speed auto
!
interface FastEthernet0/0.200
no cdp enable
!
interface FastEthernet0/0.202
encapsulation dot1Q 202
ip address 10.0.0.2 255.255.255.252
no snmp trap link-status
no cdp enable
!
interface FastEthernet0/0.203
description Link to Corporate Network vlanid 203
encapsulation dot1Q 203
ip address 10.20.26.2 255.255.255.0
ip nat outside
ip virtual-reassembly
no snmp trap link-status
no cdp enable
!
interface FastEthernet0/1
description Link to Local
no ip address
no ip proxy-arp
duplex auto
speed auto
!
interface FastEthernet0/1.200
encapsulation dot1Q 200
ip address z.z.z.z a.a.a.a
ip flow ingress
ip flow egress
no snmp trap link-status
no cdp enable
!
interface FastEthernet0/1.201
description Link to Local Subnet 192.168.1.0/24 vlanid 201
encapsulation dot1Q 201
ip address 192.168.1.253 255.255.255.0
ip nat inside
ip virtual-reassembly
no snmp trap link-status
no cdp enable
!
interface Content-Engine1/0
no ip address
shutdown
!
router ospf 30
router-id 10.20.26.2
log-adjacency-changes
redistribute static
network 10.20.26.2 0.0.0.0 area 0.0.0.30
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.1
ip flow-export version 5
ip flow-export destination 10.20.55.10 9995
!
no ip http server
no ip http secure-server
ip nat pool corporate 10.20.26.2 10.20.26.2 netmask 255.255.255.0
ip nat inside source list 110 pool corporate overload
!
ip access-list standard telnet
permit 10.20.55.10
!
access-list 100 permit ip host 192.168.1.243 any
access-list 100 deny   ip any any
access-list 110 permit ip 192.168.1.0 0.0.0.255 10.20.0.0 0.0.127.255
snmp-server community xxxx RO telnet
no cdp run
!
!
control-plane
!
!
alias exec bw show int fast 0
alias exec sr show running-config
alias exec ct configure terminal
alias exec cpu show proc cpu hist
!
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line 66
no activation-character
no exec
transport preferred none
transport input all
transport output all
line vty 0 4
access-class telnet in
exec-timeout 0 0
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 100 in
exec-timeout 0 0
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

заранее спасибо

Share this post

Link to post
Share on other sites

elyor   

elyor
Posted (edited)

вы бы хоть топологию набросали, непонятно же ничего...

а чего тут непонятного? один inside, один outside, с адресами

 

show ip route ospf покажите.

 

show ip route ospf
    10.0.0.0/8 is variably subnetted, 299 subnets, 4 masks                     
O IA    10.20.30.0/24 [110/5] via 10.20.26.1, 5d20h, FastEthernet0/0.203        
O IA    10.10.0.0/24 [110/14] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.31.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O       10.10.1.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203          
O IA    10.10.0.1/32 [110/14] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O E2    10.246.2.252/30 [110/1] via 10.20.26.1, 05:02:38, FastEthernet0/0.203   
O IA    10.20.28.0/24 [110/5] via 10.20.26.1, 1w2d, FastEthernet0/0.203         
O       10.10.2.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203          
O IA    10.10.3.0/24 [110/5] via 10.20.26.1, 2d06h, FastEthernet0/0.203         
O IA    10.10.4.0/24 [110/5] via 10.20.26.1, 3d18h, FastEthernet0/0.203         
O IA    10.20.27.0/24 [110/5] via 10.20.26.1, 1w1d, FastEthernet0/0.203         
O IA    10.10.5.0/24 [110/5] via 10.20.26.1, 05:02:43, FastEthernet0/0.203      
O IA    10.10.6.0/24 [110/5] via 10.20.26.1, 1w4d, FastEthernet0/0.203          
O IA    10.20.25.0/24 [110/5] via 10.20.26.1, 1d07h, FastEthernet0/0.203        
O IA    10.10.7.0/24 [110/5] via 10.20.26.1, 6d07h, FastEthernet0/0.203         
O IA    10.20.22.0/24 [110/5] via 10.20.26.1, 1w2d, FastEthernet0/0.203         
O IA    10.10.8.0/24 [110/5] via 10.20.26.1, 6d06h, FastEthernet0/0.203         
O IA    10.20.23.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.10.9.0/24 [110/5] via 10.20.26.1, 1d20h, FastEthernet0/0.203         
O IA    10.20.20.0/24 [110/5] via 10.20.26.1, 3d15h, FastEthernet0/0.203        
O IA    10.10.10.0/24 [110/5] via 10.20.26.1, 1w3d, FastEthernet0/0.203         
O IA    10.20.21.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.10.11.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.18.0/24 [110/5] via 10.20.26.1, 19:55:44, FastEthernet0/0.203     
O IA    10.10.12.0/24 [110/5] via 10.20.26.1, 2d16h, FastEthernet0/0.203        
O IA    10.10.13.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.16.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.17.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.10.15.0/24 [110/5] via 10.20.26.1, 1w2d, FastEthernet0/0.203         
O IA    10.10.16.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.10.17.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.12.0/24 [110/5] via 10.20.26.1, 2d16h, FastEthernet0/0.203        
O IA    10.10.18.0/24 [110/5] via 10.20.26.1, 19:55:44, FastEthernet0/0.203     
O IA    10.20.13.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.10.0/24 [110/5] via 10.20.26.1, 1w3d, FastEthernet0/0.203         
O IA    10.10.20.0/24 [110/5] via 10.20.26.1, 3d15h, FastEthernet0/0.203        
O IA    10.20.11.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.10.21.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.8.0/24 [110/5] via 10.20.26.1, 6d06h, FastEthernet0/0.203         
O IA    10.20.9.0/24 [110/5] via 10.20.26.1, 1d20h, FastEthernet0/0.203         
O IA    10.10.23.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.6.0/24 [110/5] via 10.20.26.1, 1w4d, FastEthernet0/0.203          
O IA    10.20.7.0/24 [110/5] via 10.20.26.1, 6d07h, FastEthernet0/0.203         
O IA    10.10.25.0/24 [110/5] via 10.20.26.1, 1d07h, FastEthernet0/0.203        
O IA    10.20.4.0/24 [110/5] via 10.20.26.1, 3d18h, FastEthernet0/0.203         
O       10.10.26.0/24 [110/2] via 10.20.26.1, 1w6d, FastEthernet0/0.203         
O IA    10.20.5.0/24 [110/5] via 10.20.26.1, 05:02:58, FastEthernet0/0.203      
O IA    10.10.27.0/24 [110/5] via 10.20.26.1, 1w1d, FastEthernet0/0.203      
O       10.20.2.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203       
O IA    10.10.28.0/24 [110/5] via 10.20.26.1, 1w2d, FastEthernet0/0.203      
O IA    10.20.3.0/24 [110/5] via 10.20.26.1, 2d06h, FastEthernet0/0.203      
O IA    10.10.30.0/24 [110/5] via 10.20.26.1, 5d20h, FastEthernet0/0.203     
O       10.20.1.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203       
O IA    10.10.31.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O IA    10.10.32.0/24 [110/5] via 10.20.26.1, 1d16h, FastEthernet0/0.203     
O       10.10.33.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O IA    10.10.34.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.20.61.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.10.35.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.100.74.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203 
O E2    10.10.36.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.20.59.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.100.72.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203 
O E2    10.10.38.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.10.39.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.10.40.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.20.55.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.10.41.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.10.42.0/24 [110/1] via 10.20.26.1, 00:06:25, FastEthernet0/0.203  
O E2    10.100.69.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203 
O E2    10.20.53.0/24 [110/1] via 10.20.26.1, 05:03:08, FastEthernet0/0.203  
O E2    10.100.66.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203
O E2    10.20.50.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.44.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.100.67.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203
O E2    10.20.51.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.45.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.46.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.49.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.46.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.48.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.49.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.44.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.50.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.45.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.51.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.42.0/24 [110/1] via 10.20.26.1, 00:06:34, FastEthernet0/0.203 
O E2    10.10.53.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.40.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.41.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.55.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.38.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.39.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.20.36.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O E2    10.10.59.0/24 [110/1] via 10.20.26.1, 05:03:18, FastEthernet0/0.203 
O IA    10.20.34.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203       
O E2    10.10.60.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.20.35.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.10.61.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.100.80.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O IA    10.20.32.0/24 [110/5] via 10.20.26.1, 1d16h, FastEthernet0/0.203      
O       10.20.33.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203       
O E2    10.100.46.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.246.10.180/30 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203
O E2    10.100.44.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.10.66.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.100.45.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.10.67.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.100.42.0/24 [110/1] via 10.20.26.1, 00:06:42, FastEthernet0/0.203  
O E2    10.10.69.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.246.10.176/30 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203
O E2    10.100.40.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.10.70.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.100.41.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.100.38.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.10.72.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O E2    10.100.39.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.100.36.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203  
O E2    10.10.74.0/24 [110/1] via 10.20.26.1, 05:03:26, FastEthernet0/0.203   
O IA    10.100.34.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.100.35.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O IA    10.100.32.0/24 [110/5] via 10.20.26.1, 1d16h, FastEthernet0/0.203     
O E2    10.20.80.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203   
O       10.100.33.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.10.80.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203   
O E2    10.246.10.164/30 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203
O E2    10.100.60.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.100.61.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.20.74.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203   
O E2    10.100.59.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.246.10.160/30 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203
O E2    10.20.72.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203   
O E2    10.100.55.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.246.10.172/30 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203
O E2    10.100.53.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.20.69.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203   
O E2    10.100.50.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.20.66.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203   
O E2    10.100.51.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.20.67.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203   
O E2    10.246.10.168/30 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203
O E2    10.100.48.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O E2    10.100.49.0/24 [110/1] via 10.20.26.1, 05:03:33, FastEthernet0/0.203  
O IA    10.100.15.0/24 [110/5] via 10.20.26.1, 1w2d, FastEthernet0/0.203      
O E2    10.246.10.148/30 [110/1] via 10.20.26.1, 05:03:41, FastEthernet0/0.203
O IA    10.100.12.0/24 [110/5] via 10.20.26.1, 2d16h, FastEthernet0/0.203     
O IA    10.100.13.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.110.0.0/16 [110/2] via 10.20.26.1, 05:03:41, FastEthernet0/0.203   
O IA    10.100.10.0/24 [110/5] via 10.20.26.1, 1w3d, FastEthernet0/0.203      
O IA    10.100.11.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.246.10.144/30 [110/1] via 10.20.26.1, 05:03:41, FastEthernet0/0.203
O IA    10.100.8.0/24 [110/5] via 10.20.26.1, 6d06h, FastEthernet0/0.203      
O IA    10.100.9.0/24 [110/5] via 10.20.26.1, 1d20h, FastEthernet0/0.203      
O IA    10.100.6.0/24 [110/5] via 10.20.26.1, 1w4d, FastEthernet0/0.203       
O IA    10.100.7.0/24 [110/5] via 10.20.26.1, 6d07h, FastEthernet0/0.203      
O E2    10.246.10.156/30 [110/1] via 10.20.26.1, 05:03:41, FastEthernet0/0.203
O IA    10.100.4.0/24 [110/5] via 10.20.26.1, 3d18h, FastEthernet0/0.203      
O IA    10.100.5.0/24 [110/5] via 10.20.26.1, 05:03:46, FastEthernet0/0.203   
O       10.100.2.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203       
O IA    10.100.3.0/24 [110/5] via 10.20.26.1, 2d06h, FastEthernet0/0.203      
O E2    10.246.10.152/30 [110/1] via 10.20.26.1, 05:03:41, FastEthernet0/0.203
O IA    10.100.0.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203       
O       10.100.1.0/24 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203       
O IA    10.100.30.0/24 [110/5] via 10.20.26.1, 5d20h, FastEthernet0/0.203     
O IA    10.100.31.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.246.10.132/30 [110/1] via 10.20.26.1, 05:03:41, FastEthernet0/0.203
O IA    10.100.28.0/24 [110/5] via 10.20.26.1, 1w2d, FastEthernet0/0.203      
O       10.100.26.0/24 [110/2] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O IA    10.100.27.0/24 [110/5] via 10.20.26.1, 1w1d, FastEthernet0/0.203      
O E2    10.246.10.128/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O IA    10.100.25.0/24 [110/5] via 10.20.26.1, 1d07h, FastEthernet0/0.203     
O IA    10.100.23.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.246.10.140/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O E2    10.246.2.132/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203 
O IA    10.100.20.0/24 [110/5] via 10.20.26.1, 3d15h, FastEthernet0/0.203     
O IA    10.100.21.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O IA    10.100.18.0/24 [110/5] via 10.20.26.1, 19:56:40, FastEthernet0/0.203  
O E2    10.246.10.136/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O       10.246.2.128/30 [110/3] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.100.16.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O IA    10.100.17.0/24 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.246.10.116/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O E2    10.246.2.124/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203 
O E2    10.246.10.112/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O E2    10.246.2.120/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203 
O E2    10.246.10.124/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O E2    10.246.2.116/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203 
O E2    10.246.10.120/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O E2    10.246.10.100/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203
O E2    10.246.2.108/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203 
O E2    10.246.10.96/30 [110/1] via 10.20.26.1, 05:03:49, FastEthernet0/0.203 
O E2    10.246.2.104/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.10.108/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203
O       10.246.2.100/30 [110/2] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O E2    10.246.10.104/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203
O E2    10.246.2.96/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.10.84/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.10.80/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.2.88/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.10.92/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.2.84/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.1.80/32 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.10.88/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.2.80/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.10.68/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.2.76/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.1.72/32 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.10.64/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.1.74/32 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.1.69/32 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.10.76/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.2.68/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.10.72/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203 
O E2    10.246.2.64/30 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.1.67/32 [110/1] via 10.20.26.1, 05:03:55, FastEthernet0/0.203  
O E2    10.246.1.66/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.61/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.60/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.10.52/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203
O E2    10.246.2.60/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.10.48/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203
O E2    10.246.2.56/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.59/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.53/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.10.60/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203
O E2    10.246.2.52/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.55/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.49/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.48/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.10.56/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203
O E2    10.246.2.48/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.51/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.50/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.45/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.44/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.10.36/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203
O E2    10.246.2.44/30 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.46/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.41/32 [110/1] via 10.20.26.1, 05:04:02, FastEthernet0/0.203 
O E2    10.246.1.40/32 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O E2    10.246.10.32/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203
O E2    10.246.2.40/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O E2    10.246.1.42/32 [110/1] via 10.20.26.1, 00:07:25, FastEthernet0/0.203 
O E2    10.246.1.36/32 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O E2    10.246.10.44/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203
O E2    10.246.2.36/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O E2    10.246.1.39/32 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O E2    10.246.1.38/32 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O       10.246.1.33/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.32/32 [110/5] via 10.20.26.1, 1d16h, FastEthernet0/0.203    
O E2    10.246.10.40/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203
O E2    10.246.2.32/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O E2    10.246.1.35/32 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O IA    10.246.1.34/32 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.28/32 [110/5] via 10.20.26.1, 1w2d, FastEthernet0/0.203     
O E2    10.246.10.20/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203
O E2    10.246.2.28/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O IA    10.246.1.31/32 [110/5] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.30/32 [110/5] via 10.20.26.1, 5d20h, FastEthernet0/0.203    
O IA    10.246.1.25/32 [110/4] via 10.20.26.1, 1d07h, FastEthernet0/0.203    
O E2    10.246.10.16/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203
O E2    10.246.2.24/30 [110/1] via 10.20.26.1, 05:04:09, FastEthernet0/0.203 
O IA    10.246.1.27/32 [110/4] via 10.20.26.1, 1w1d, FastEthernet0/0.203     
O       10.246.1.26/32 [110/1] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.21/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.20/32 [110/4] via 10.20.26.1, 3d15h, FastEthernet0/0.203    
O E2    10.246.10.28/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203
O E2    10.246.2.20/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203 
O IA    10.246.1.23/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.22/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.17/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.16/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O E2    10.246.10.24/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203
O E2    10.246.2.16/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203 
O IA    10.246.1.18/32 [110/4] via 10.20.26.1, 19:57:05, FastEthernet0/0.203 
O IA    10.246.1.13/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.12/32 [110/4] via 10.20.26.1, 2d16h, FastEthernet0/0.203    
O E2    10.246.10.4/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203 
O E2    10.246.2.12/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203 
O IA    10.246.1.15/32 [110/4] via 10.20.26.1, 1w2d, FastEthernet0/0.203     
O IA    10.246.1.9/32 [110/4] via 10.20.26.1, 1d20h, FastEthernet0/0.203     
O IA    10.246.1.8/32 [110/4] via 10.20.26.1, 6d07h, FastEthernet0/0.203     
O E2    10.246.10.0/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203 
O E2    10.246.2.8/30 [110/1] via 10.20.26.1, 05:04:14, FastEthernet0/0.203  
O IA    10.246.1.11/32 [110/4] via 10.20.26.1, 1w6d, FastEthernet0/0.203     
O IA    10.246.1.10/32 [110/4] via 10.20.26.1, 1w3d, FastEthernet0/0.203     
O IA    10.246.1.5/32 [110/4] via 10.20.26.1, 05:04:20, FastEthernet0/0.203  
O IA    10.246.1.4/32 [110/4] via 10.20.26.1, 3d18h, FastEthernet0/0.203     
O E2    10.246.10.12/30 [110/1] via 10.20.26.1, 05:04:21, FastEthernet0/0.203
O       10.246.2.4/30 [110/3] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O IA    10.246.1.7/32 [110/4] via 10.20.26.1, 6d08h, FastEthernet0/0.203     
O IA    10.246.1.6/32 [110/4] via 10.20.26.1, 1w4d, FastEthernet0/0.203      
O       10.246.1.1/32 [110/3] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O E2    10.246.10.8/30 [110/1] via 10.20.26.1, 05:04:21, FastEthernet0/0.203 
O       10.246.2.0/30 [110/3] via 10.20.26.1, 1w6d, FastEthernet0/0.203      
O IA    10.246.1.3/32 [110/4] via 10.20.26.1, 2d06h, FastEthernet0/0.203     
O       10.246.1.2/32 [110/3] via 10.20.26.1, 1w6d, FastEthernet0/0.203

Edited by elyor

Share this post

Link to post
Share on other sites

elyor   

elyor
Posted

проверял только на 10.20.55.0/24.

на хосте 10.20.55.10 icmp видны дампером, а остальные протоколы нет (http, ftp, ssh, dns)

насколько я понял, циска трафик вообще не пропускает, так как когда nat выключаю, пакеты доходят до меня с адресами 192.168.1.0/24, а когда включаю, то вообще ничего не видно, ни с 10.20.26.2, ни с 192.168.1.0/24.

Share this post

Link to post
Share on other sites

elyor   

elyor
Posted

ip nat inside source list 110 interface FastEthernet0/0.203 overload

то же самое, без изменений.

я это уже проверял перед тем, как сюда писать :)

Share this post

Link to post
Share on other sites

stepashka   

stepashka
Posted

У вас адрес nat pool попадает в acl описывающий трафик для ната

access-list 110 permit ip 192.168.1.0 0.0.0.255 10.20.0.0 0.0.127.255

Для проверки попробуйте привести 110 лист к виду:

access-list 110 permit ip 192.168.1.0 0.0.0.255 10.20.55.0 0.0.0.255

Share this post

Link to post
Share on other sites

elyor   

elyor
Posted

так, то, что пакеты не походят, это оказывается из-за inside хостов.

с ними справился, теперь такая проблема:

icmp - натится

http - натится

dns - не натится

ftp - не натится

 

вывод show ip nat tr

 

Pro Inside global      Inside local       Outside local      Outside global 
icmp 10.20.26.2:1      192.168.1.77:1     10.20.55.10:1      10.20.55.10:1  
tcp 10.20.26.2:52825   192.168.1.77:52825 10.20.55.10:21     10.20.55.10:21 
tcp 10.20.26.2:52825   192.168.1.77:52825 10.20.55.10:21     10.20.55.10:21
tcp 10.20.26.2:52899   192.168.1.77:52899 10.20.55.10:80     10.20.55.10:80
tcp 10.20.26.2:52900   192.168.1.77:52900 10.20.55.10:80     10.20.55.10:80
tcp 10.20.26.2:52915   192.168.1.77:52915 10.20.55.10:21     10.20.55.10:21
tcp 10.20.26.2:52936   192.168.1.77:52936 10.20.55.10:21     10.20.55.10:21
udp 10.20.26.2:63761   192.168.1.77:63761 10.20.55.10:53     10.20.55.10:53
udp 10.20.26.2:64912   192.168.1.77:64912 10.20.55.10:53     10.20.55.10:53
udp 10.20.26.2:64913   192.168.1.77:64913 10.20.55.10:53     10.20.55.10:53
udp 10.20.26.2:64914   192.168.1.77:64914 10.20.55.10:53     10.20.55.10:53

до хоста 10.20.55.10 dns и ftp доходят с ip 192.168.1.77

в чём может быть проблема?

p.s. access-list исправил.

Share this post

Link to post
Share on other sites

elyor   

elyor
Posted

я тут ещё debug включил на нат (debug ip nat det)

080270: *Jul 20 12:35:08.529 Karachi: NAT: Allocated Port for 192.168.1.77 -> 10.20.26.2: wanted 50279 got 50279
080271: *Jul 20 12:35:10.537 Karachi: NAT: Allocated Port for 192.168.1.77 -> 10.20.26.2: wanted 50280 got 50280
080272: *Jul 20 12:35:12.537 Karachi: NAT: Allocated Port for 192.168.1.77 -> 10.20.26.2: wanted 50281 got 50281
080273: *Jul 20 12:35:14.537 Karachi: NAT: Allocated Port for 192.168.1.77 -> 10.20.26.2: wanted 50282 got 50282
080274: *Jul 20 12:35:16.541 Karachi: NAT: Allocated Port for 192.168.1.77 -> 10.20.26.2: wanted 50283 got 50283

это на dns

и ещё он говорит что 

080279: *Jul 20 12:36:09.005 Karachi: NAT: expiring 10.20.26.2 (192.168.1.77) udp 50279 (50279)
080280: *Jul 20 12:36:10.541 Karachi: NAT: expiring 10.20.26.2 (192.168.1.77) udp 50280 (50280)
080281: *Jul 20 12:36:12.589 Karachi: NAT: expiring 10.20.26.2 (192.168.1.77) udp 50281 (50281)
080282: *Jul 20 12:36:14.637 Karachi: NAT: expiring 10.20.26.2 (192.168.1.77) udp 50282 (50282)
080283: *Jul 20 12:36:16.685 Karachi: NAT: expiring 10.20.26.2 (192.168.1.77) udp 50283 (50283)

хотя никакого ната не было (т.е. на 10.20.55.10 source был 192.168.1.77, а не 10.20.26.2)

что мне с ним делать? ))

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Followers 0
Go to topic listing Активное оборудование Ethernet, IP, MPLS, SDN/NFV...