How to configure Static NAT on Cisco IOS Router

klausengelmann · December 29, 2013, 11:18am

Hello Rene.

Fantastic lesson. I have some doubts about NAT like the one described below using your example:

When a ping is done from the NAT server to the Webserver there is a failure.

Logs from NAT are reporting this:

NAT#ping 192.168.23.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.23.3, timeout is 2 seconds:

*Mar  1 00:12:43.191: IP: tableid=0, s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), routed via FIB
*Mar  1 00:12:43.191: IP: s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), len 100, sending
*Mar  1 00:12:43.279: NAT*: s=192.168.23.3, d=192.168.23.2-&gt;192.168.12.1 [41].
*Mar  1 00:12:45.187: IP: tableid=0, s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), routed via FIB
*Mar  1 00:12:45.187: IP: s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), len 100, sending
*Mar  1 00:12:45.219: NAT*: s=192.168.23.3, d=192.168.23.2-&gt;192.168.12.1 [42].
*Mar  1 00:12:47.059: NAT: expiring 192.168.23.2 (192.168.12.1) icmp 10 (10)
*Mar  1 00:12:47.187: IP: tableid=0, s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), routed via FIB
*Mar  1 00:12:47.187: IP: s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), len 100, sending
*Mar  1 00:12:47.219: NAT*: s=192.168.23.3, d=192.168.23.2-&gt;192.168.12.1 [43].
*Mar  1 00:12:49.187: IP: tableid=0, s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), routed via FIB
*Mar  1 00:12:49.187: IP: s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), len 100, sending
*Mar  1 00:12:49.219: NAT*: s=192.168.23.3, d=192.168.23.2-&gt;192.168.12.1 [44].
*Mar  1 00:12:51.155: NAT: expiring 192.168.23.2 (192.168.12.1) icmp 11 (11)
*Mar  1 00:12:51.187: IP: tableid=0, s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), routed via FIB
*Mar  1 00:12:51.187: IP: s=192.168.23.2 (local), d=192.168.23.3 (FastEthernet0/1), len 100, sending
*Mar  1 00:12:51.219: NAT*: s=192.168.23.3, d=192.168.23.2-&gt;192.168.12.1 [45].

Success rate is 0 percent (0/5)

*Mar  1 00:13:05.491: NAT: expiring 192.168.23.2 (192.168.12.1) icmp 6 (6)
*Mar  1 00:13:05.491: NAT: expiring 192.168.23.2 (192.168.12.1) icmp 4 (4)
*Mar  1 00:13:29.555: NAT: expiring 192.168.23.2 (192.168.12.1) icmp 12 (12)
*Mar  1 00:13:51.571: NAT: expiring 192.168.23.2 (192.168.12.1) icmp 13 (13)

Could you help me to understand more this log ?

Does the Static NAT rule apply to self-genereting traffic ?