Microsoft
Software
Hardware
Network
Question : Problem: Cisco 2600 ip nat pool Cisco2611-natpool-1 169.254.53.25 169.254.53.30 netmask 255.255.255.248 error
My Cisco 2611 router with c2600-i-mz.113-10.T does not appear to have an ip nat pool command. I have looked high and low and cannot seem to find any documentation on where to find this command in the ios or if it exists at all. I have a net of 6 usable addresses that host internet services. I would like for the router to use nat on all traffic and to forward certain external addresses to certain internal hosts. Is there another way I can do this besides the way my config file shows? What happened to the ip nat pool command in my IOS? Any suggestions for further reading on the matter or a nifty solution would be greatly appreciated. Thanks.
heres my sh ver:
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 11.3(10)T, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 01-Jun-99 17:16 by pwade
Image text-base: 0x80008084, data-base: 0x80566960
ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
reticulum uptime is 40 minutes
System restarted by reload
System image file is "flash:c2600-i-mz.113-10.T
", booted via flash
cisco 2611 (MPC860) processor (revision 0x2
00:40:17: %SYS02) with 18432K/6144K bytes of memory.
Processor board ID JAB033205L6 (4171835389)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
2 Ethernet/IEEE 802.3 interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
heres my config:
(I changed my IP's to the 169.254. range. Everything else is the same.)
!
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
hostname Cisco2611
!
enable secret xx
!
ip source-route
no ip name-server
!
ip subnet-zero
no ip domain-lookup
ip routing
!
interface Ethernet 0/0
no shutdown
description connected to Internet
ip address 169.254.53.25 255.255.255.248
ip nat outside
ip access-group 101 in
keepalive 10
!
interface Ethernet 0/1
no shutdown
description connected to EthernetLAN
ip address 192.168.53.25 255.255.255.240
ip nat inside
ip access-group 100 in
keepalive 10
!
! Access Control List 1
!
no access-list 1
access-list 1 permit 192.168.53.16 0.0.0.15
!
! Access Control List 100
!
no access-list 100
access-list 100 permit udp any eq rip any eq rip
access-list 100 permit tcp any any established
access-list 100 permit ip host 192.168.53.27 any
access-list 100 permit ip host 192.168.53.17 any
access-list 100 deny ip host 192.168.53.29 any
access-list 100 permit ip host 192.168.53.30 any
access-list 100 permit tcp host 192.168.53.26 any range ftp-data ftp
access-list 100 permit tcp host 192.168.53.26 any eq www
access-list 100 permit icmp host 192.168.53.26 any
access-list 100 permit tcp host 192.168.53.26 any eq ntp
access-list 100 permit tcp host 192.168.53.26 any eq smtp
access-list 100 permit tcp host 192.168.53.26 any eq telnet
access-list 100 permit udp host 192.168.53.26 any eq domain
access-list 100 deny ip host 192.168.53.26 any
access-list 100 permit tcp host 192.168.53.28 any eq www
access-list 100 permit icmp host 192.168.53.28 any
access-list 100 permit tcp host 192.168.53.28 any eq ntp
access-list 100 permit tcp host 192.168.53.28 any eq smtp
access-list 100 permit tcp host 192.168.53.28 any eq telnet
access-list 100 permit tcp host 192.168.53.28 any range ftp-data ftp
access-list 100 deny ip host 192.168.53.28 any
access-list 100 permit ip any any
!
! Access Control List 101
!
no access-list 101
access-list 101 deny tcp host 205.210.53.29 eq 1723 any
access-list 101 deny ip host 205.210.53.30 any
access-list 101 deny ip host 205.210.53.26 any
access-list 101 deny ip host 205.210.53.28 any
access-list 101 deny ip host 205.210.53.27 any
access-list 101 permit tcp any any established
access-list 101 deny ip any host 205.210.53.29
access-list 101 permit tcp any host 205.210.53.29 eq 1723
access-list 101 deny ip any host 205.210.53.30
access-list 101 permit tcp any host 205.210.53.30 eq smtp
access-list 101 permit tcp any host 205.210.53.30 eq www
access-list 101 permit udp any host 205.210.53.30 eq domain
access-list 101 permit tcp any host 205.210.53.30 range ftp-data ftp
access-list 101 permit tcp any host 205.210.53.30 eq telnet
access-list 101 permit tcp any host 205.210.53.27 range ftp-data ftp
access-list 101 permit tcp any host 205.210.53.27 eq www
access-list 101 deny ip any host 205.210.53.27
access-list 101 permit tcp any host 205.210.53.26 range ftp-data ftp
access-list 101 permit udp any host 205.210.53.26 eq domain
access-list 101 permit tcp any host 205.210.53.26 eq www
access-list 101 permit icmp any host 205.210.53.26
access-list 101 permit tcp any host 205.210.53.26 eq ntp
access-list 101 permit tcp any host 205.210.53.26 eq smtp
access-list 101 permit tcp any host 205.210.53.26 eq telnet
access-list 101 deny ip any host 205.210.53.26
access-list 101 permit udp any host 205.210.53.28 eq domain
access-list 101 permit tcp any host 205.210.53.28 range ftp-data ftp
access-list 101 permit tcp any host 205.210.53.28 eq www
access-list 101 permit icmp any host 205.210.53.28
access-list 101 permit tcp any host 205.210.53.28 eq ntp
access-list 101 permit tcp any host 205.210.53.28 eq smtp
access-list 101 permit tcp any host 205.210.53.28 eq telnet
!
! Static NAT
!
ip nat inside source static 192.168.53.27 205.210.53.27
ip nat inside source static 192.168.53.30 205.210.53.30
ip nat inside source static 192.168.53.28 205.210.53.28
ip nat inside source static 192.168.53.26 205.210.53.26
!
! Dynamic NAT
!
ip nat translation timeout 86400
ip nat translation tcp-timeout 86400
ip nat translation udp-timeout 300
ip nat translation dns-timeout 60
ip nat translation finrst-timeout 60
ip nat pool Cisco2611-natpool-1 169.254.53.25 169.254.53.30 netmask 255.255.255.248
ip nat inside source list 1 pool Cisco2611-natpool-1 overload
!
router rip
version 2
network 192.168.53.0
passive-interface Ethernet 0/0
no auto-summary
!
!
ip classless
!
! IP Static Routes
ip route 0.0.0.0 0.0.0.0 Ethernet 0/0
no ip http server
snmp-server community public RO
no snmp-server location
no snmp-server contact
!
line console 0
exec-timeout 0 0
password xx
login
!
line vty 0 1
password xx
login
!
end
Answer : Problem: Cisco 2600 ip nat pool Cisco2611-natpool-1 169.254.53.25 169.254.53.30 netmask 255.255.255.248 error
It is supposed to be available in 11.2 and higher, but you may need the PLUS feature pack in 11.x:
http://www.cisco.com/unive
rcd/cc/td/
doc/produc
t/software
/
ios122/12
2cgcr/fipr
as_r/1rfip
adr.htm#10
19495
Any chance you can upgrade to a 12.0 release IOS?
Configuration guidance:
http://www.cisco.com/warp/
public/556
/9.html
Random Solutions
Problem: ddr2-667 vs ddr2-800
Problem: IOS for 3750
Problem: System Process at high CPU usage. CPU at 100% We are crawling!
Problem: CISCO DIALUP ROUTER CONFIGURATION HELP!!!!!!!!!!!!!!!!!!!!
Problem: Ram upgrade for no-brand PC
Problem: PC hang while plug-in USB thumbdrive
Problem: Cannot find driver for the NIC
Problem: DTE V.24 (RS-232) Clocks Stopped.
Problem: cant get console on mstsc
Problem: VPN Tunnel is connected, but traffic ignores it...