NAT: address not stolen for
- From: biscotti.macdonald@xxxxxxxxx
- Date: 28 Nov 2005 17:57:17 -0800
I'm having some trouble with a small vlan and nat setup. Only one of my
vlans are being nat'd out to the internet. With the other vlan, I can
ping the WAN interface but nothing gets nat'd past it. some of the nat
debug messages have the following:
02:33:25: NAT: failed to allocate address for 172.16.96.2, list/map 3
and
02:33:25: NAT: address not stolen for 172.16.96.2, proto 1 port 512
Do you have to a seperate WAN public IP address to overload on for each
nat pool or can you overload multiple vlans on the same WAN IP?
Here are relevant parts of the config:
interface FastEthernet0/0.2
description PCG Administration and OPS
encapsulation dot1Q 2
ip address 192.168.96.1 255.255.255.128
no ip directed-broadcast
ip nat inside
no ip route-cache
no ip mroute-cache
!
interface FastEthernet0/0.3
description PCG CONFERENCE ROOMS
encapsulation dot1Q 3
ip address 172.16.96.1 255.255.255.128
no ip directed-broadcast
ip nat inside
no ip route-cache
no ip mroute-cache
!
ip nat pool PCC 68.223.124.183 68.223.124.183 prefix-length 25
ip nat inside source list 2 pool PCC overload
ip nat inside source list 3 pool PCC overload
!
access-list 2 permit 192.168.96.0 0.0.0.255
access-list 3 permit 172.16.96.0 0.0.0.255
Any help would greatly be appreciated.
Thanks,
Scott
.
- Follow-Ups:
- Re: NAT: address not stolen for
- From: Hansang Bae
- Re: NAT: address not stolen for
- Prev by Date: Re: WIC 1T
- Next by Date: Aironet and EAP-FAST
- Previous by thread: Cisco 871 router and WEP WPA-PSK
- Next by thread: Re: NAT: address not stolen for
- Index(es):
Relevant Pages
|
