You also ?¬?nd that the router interfaces are incorrectly
de?¬?ned as NAT inside or NAT outside.
After you correctly de?¬?ne the NAT inside and outside interfaces, generate another ping
from host A to host B. In the example, the ping still fails. Issue the show ip nat translations
and show ip nat statistics commands again to troubleshoot the problem. In the example,
you ?¬?nd that translations are still not occurring.
Next, you should use the show access-list command to verify whether the ACL that is
referenced by the NAT command is permitting all the necessary networks:
RouterA# sshhooww aacccceessss--lliisstt
Standard IP access list 1
10 permit 192.168.1.1, wildcard bits 255.255.255.0
From this output, you determine that an incorrect wildcard bit mask has been used in the
ACL that de?¬?nes the addresses to be translated.
After correcting the ACL wildcard bit mask, you generate another ping from host A to
host B. The ping still fails. However, when you reissue the show ip nat translations and
show ip nat statistics commands, you ?¬?nd that translations are now occurring:
RouterA# sshhooww iipp nnaatt ttrraannssllaattiioonnss
Pro Inside global Inside local Outside local Outside global
--- 172.
Pages:
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405