BBSDUMP › CCNP Q&A › Nat has a problem, ask for help. It can be done on the simulator, but not on the

renma19th Publish time 1-1-2021 17:11:41

Nat has a problem, ask for help. It can be done on the simulator, but not on the real machine.

The last post was edited on 18:49-2025 by marenth

There is a problem in the project. The database servers at both ends have the same IP and need to access each other. The network structure is as follows:
https://siqilab.com:44305/data/attachment/forum/202101/01/152726uvlm1ng77nvn77nz.png
Screenshot 2021-01-01 152654.png (30.22 KB, 0 downloads)

Upload at 15:27 on January 1, 2021
Both PC addresses of Intranet 8.3 and overload 8.3 are 172.30.8.3/24, and gateway is 172.30.8.254. Gateway of Intranet 8.3 is set in interface VLAN 120 of sw-a. The gateway with heavy load 8.3 is set at G0 / 1 interface of router R1. Sw-b is a layer 2 switch, and all interfaces are in layer 2 VLAN 120. The requirement is that PC intranet 8.3 needs to communicate with PC overload 8.3. Two way NAT is set on nat-r1 to convert the address 172.30.8.3 of Intranet 8.3 to 192.168.10.3, and the address 172.30.8.3 of overload 8.3 to 192.168.7.3
In real environment, sw-a is a 1811 plus switch board, nat-r1 is Cisco 3945 router, sw-b is Cisco 2960 switch
The configuration of sw-a is as follows:
SW-A#sh run
Building configuration...

!
vlan 120
name old-server

!
vlan 500
name to-6720
!
interface FastEthernet2
switchport access vlan 120
!
interface FastEthernet3
switchport access vlan 120
!
interface FastEthernet4
switchport access vlan 120
!
interface FastEthernet5
switchport access vlan 120
!
interface FastEthernet6
switchport access vlan 500
！
interface Vlan120
ip address 172.30.8.254 255.255.255.0
!
interface Vlan500
ip address 192.168.5.1 255.255.255.252
!
ip route 192.168.7.0 255.255.255.0 192.168.5.2


The configuration of router R1 is as follows:
NAT-R1#sh run
Building configuration...


!
interface GigabitEthernet0/0
ip address 192.168.5.2 255.255.255.252
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
ip address 172.30.8.254 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
media-type rj45
!
no ip http secure-server
ip nat inside source static 172.30.8.1 192.168.10.1
ip nat inside source static 172.30.8.2 192.168.10.2
ip nat inside source static 172.30.8.3 192.168.10.3
ip nat inside source static 172.30.8.4 192.168.10.4
ip nat outside source static 172.30.8.3 192.168.7.3
ip nat outside source static 172.30.8.4 192.168.7.4
ip route 172.30.8.3 255.255.255.255 192.168.5.1
ip route 172.30.8.4 255.255.255.255 192.168.5.1
ip route 192.168.7.0 255.255.255.0 GigabitEthernet0/1
!

The above is the configuration of the real machine, only the interface number has a certain change on the simulator.
At present, the problem is that after configuration, the intranet pc8.3 and the extranet pc8.3 cannot Ping each other. When I configure it on Cisco packet tracer, the simulator of Cisco, I can communicate. But it doesn‘t work when it comes to the real machine. From intranet 8.3 to 192.168.5.2, from overload 8.3 to 172.30.8.254
Ask for help, after the festival will actually cut, trouble which God can help to see what is going on.
Restart the device several times, and replace the router from 3945 to 1841 and 3845, the result is the same.
The results of show ip NAT tran are as follows:
NAT-R1#sh ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- ---                ---                192.168.7.3      172.30.8.3
--- ---                ---                192.168.7.4      172.30.8.4
--- 192.168.10.1       172.30.8.1         ---                ---
--- 192.168.10.2       172.30.8.2         ---                ---
--- 192.168.10.3       172.30.8.3         ---                ---
--- 192.168.10.4       172.30.8.4         ---                ---


The route on the router is as follows:
NAT-R1#sh ip rou
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.30.0.0/16 is variably subnetted, 14 subnets, 2 masks
S      172.30.8.1/32 via 192.168.5.1
S      172.30.8.2/32 via 192.168.5.1
S      172.30.8.3/32 via 192.168.5.1
S      172.30.8.4/32 via 192.168.5.1
      192.168.5.0/24 is variably subnetted, 2 subnets, 1 masks
C      192.168.5.0/30 is directly connected, GigabitEthernet0/0
L      192.168.5.2/32 is directly connected, GigabitEthernet0/0
S   192.168.7.0/24 via GigabitEthernet0/1

View full version: Nat has a problem, ask for help. It can be done on the simulator, but not on the