PAT not translating at all












3














I am studying for my CCENT.
I threw together a PAT practice lab.
Other than DHCP and RIP everything is pretty stock.
No VLANs
No security
Just NAT overload on ACCESS router.
I am stumped why it isn't translating
It will still ping all around.
show ip nat statistics, miss count is going up.
Debugging for NAT is on but silent.
It all looks like it should be working.



Is there something wrong with my configuration?



enter image description here



ACCESS#sho ip nat translations 



ACCESS#sho ip nat stat

Total translations: 0 (0 static, 0 dynamic, 0 extended)

Outside Interfaces: GigabitEthernet0/1

Inside Interfaces: GigabitEthernet0/0

Hits: 0  Misses: 163

Expired translations: 0

Dynamic mappings:



ACCESS#show run

Building configuration...



Current configuration : 981 bytes

!

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname ACCESS

!

ip cef

no ipv6 cef

!

license udi pid CISCO2911/K9 sn FTX1524DSR5-

!

spanning-tree mode pvst

!

interface GigabitEthernet0/0

 ip address 10.0.0.1 255.255.255.0

 ip helper-address 8.8.8.2

 ip nat inside

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 ip address 8.8.8.1 255.255.255.252

 ip nat outside

 duplex auto

 speed auto

!

interface GigabitEthernet0/2

 no ip address

 duplex auto

 speed auto

 shutdown

!

interface Vlan1

 no ip address

 shutdown

!

router rip

 version 2

 passive-interface GigabitEthernet0/0

 network 8.0.0.0

 network 10.0.0.0

!

ip nat inside source list 1 interface GigabitEthernet0/1 overload

ip classless

!

ip flow-export version 9

!

access-list 1 permit host 10.0.0.0

!

no cdp run

!

line con 0

!

line aux 0

!

line vty 0 4

 login

!

end





routing nat cisco-ios troubleshooting







share|improve this question
























  • You really need to give us all the router configurations, and we need to know specifically what doesn't seem to be working. Also, if you are trying to run a routing protocol through NAPT, you must understand that is not going to work.
    – Ron Maupin
    Dec 3 '18 at 14:22
















3














I am studying for my CCENT.
I threw together a PAT practice lab.
Other than DHCP and RIP everything is pretty stock.
No VLANs
No security
Just NAT overload on ACCESS router.
I am stumped why it isn't translating
It will still ping all around.
show ip nat statistics, miss count is going up.
Debugging for NAT is on but silent.
It all looks like it should be working.



Is there something wrong with my configuration?



enter image description here



ACCESS#sho ip nat translations 



ACCESS#sho ip nat stat

Total translations: 0 (0 static, 0 dynamic, 0 extended)

Outside Interfaces: GigabitEthernet0/1

Inside Interfaces: GigabitEthernet0/0

Hits: 0  Misses: 163

Expired translations: 0

Dynamic mappings:



ACCESS#show run

Building configuration...



Current configuration : 981 bytes

!

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname ACCESS

!

ip cef

no ipv6 cef

!

license udi pid CISCO2911/K9 sn FTX1524DSR5-

!

spanning-tree mode pvst

!

interface GigabitEthernet0/0

 ip address 10.0.0.1 255.255.255.0

 ip helper-address 8.8.8.2

 ip nat inside

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 ip address 8.8.8.1 255.255.255.252

 ip nat outside

 duplex auto

 speed auto

!

interface GigabitEthernet0/2

 no ip address

 duplex auto

 speed auto

 shutdown

!

interface Vlan1

 no ip address

 shutdown

!

router rip

 version 2

 passive-interface GigabitEthernet0/0

 network 8.0.0.0

 network 10.0.0.0

!

ip nat inside source list 1 interface GigabitEthernet0/1 overload

ip classless

!

ip flow-export version 9

!

access-list 1 permit host 10.0.0.0

!

no cdp run

!

line con 0

!

line aux 0

!

line vty 0 4

 login

!

end





routing nat cisco-ios troubleshooting







share|improve this question
























  • You really need to give us all the router configurations, and we need to know specifically what doesn't seem to be working. Also, if you are trying to run a routing protocol through NAPT, you must understand that is not going to work.
    – Ron Maupin
    Dec 3 '18 at 14:22














3












3








3







I am studying for my CCENT.
I threw together a PAT practice lab.
Other than DHCP and RIP everything is pretty stock.
No VLANs
No security
Just NAT overload on ACCESS router.
I am stumped why it isn't translating
It will still ping all around.
show ip nat statistics, miss count is going up.
Debugging for NAT is on but silent.
It all looks like it should be working.



Is there something wrong with my configuration?



enter image description here



ACCESS#sho ip nat translations 



ACCESS#sho ip nat stat

Total translations: 0 (0 static, 0 dynamic, 0 extended)

Outside Interfaces: GigabitEthernet0/1

Inside Interfaces: GigabitEthernet0/0

Hits: 0  Misses: 163

Expired translations: 0

Dynamic mappings:



ACCESS#show run

Building configuration...



Current configuration : 981 bytes

!

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname ACCESS

!

ip cef

no ipv6 cef

!

license udi pid CISCO2911/K9 sn FTX1524DSR5-

!

spanning-tree mode pvst

!

interface GigabitEthernet0/0

 ip address 10.0.0.1 255.255.255.0

 ip helper-address 8.8.8.2

 ip nat inside

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 ip address 8.8.8.1 255.255.255.252

 ip nat outside

 duplex auto

 speed auto

!

interface GigabitEthernet0/2

 no ip address

 duplex auto

 speed auto

 shutdown

!

interface Vlan1

 no ip address

 shutdown

!

router rip

 version 2

 passive-interface GigabitEthernet0/0

 network 8.0.0.0

 network 10.0.0.0

!

ip nat inside source list 1 interface GigabitEthernet0/1 overload

ip classless

!

ip flow-export version 9

!

access-list 1 permit host 10.0.0.0

!

no cdp run

!

line con 0

!

line aux 0

!

line vty 0 4

 login

!

end





routing nat cisco-ios troubleshooting







share|improve this question















I am studying for my CCENT.
I threw together a PAT practice lab.
Other than DHCP and RIP everything is pretty stock.
No VLANs
No security
Just NAT overload on ACCESS router.
I am stumped why it isn't translating
It will still ping all around.
show ip nat statistics, miss count is going up.
Debugging for NAT is on but silent.
It all looks like it should be working.



Is there something wrong with my configuration?



enter image description here



ACCESS#sho ip nat translations 



ACCESS#sho ip nat stat

Total translations: 0 (0 static, 0 dynamic, 0 extended)

Outside Interfaces: GigabitEthernet0/1

Inside Interfaces: GigabitEthernet0/0

Hits: 0  Misses: 163

Expired translations: 0

Dynamic mappings:



ACCESS#show run

Building configuration...



Current configuration : 981 bytes

!

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname ACCESS

!

ip cef

no ipv6 cef

!

license udi pid CISCO2911/K9 sn FTX1524DSR5-

!

spanning-tree mode pvst

!

interface GigabitEthernet0/0

 ip address 10.0.0.1 255.255.255.0

 ip helper-address 8.8.8.2

 ip nat inside

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 ip address 8.8.8.1 255.255.255.252

 ip nat outside

 duplex auto

 speed auto

!

interface GigabitEthernet0/2

 no ip address

 duplex auto

 speed auto

 shutdown

!

interface Vlan1

 no ip address

 shutdown

!

router rip

 version 2

 passive-interface GigabitEthernet0/0

 network 8.0.0.0

 network 10.0.0.0

!

ip nat inside source list 1 interface GigabitEthernet0/1 overload

ip classless

!

ip flow-export version 9

!

access-list 1 permit host 10.0.0.0

!

no cdp run

!

line con 0

!

line aux 0

!

line vty 0 4

 login

!

end





routing nat cisco-ios troubleshooting




routing nat cisco-ios troubleshooting






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 3 '18 at 12:28









jonathanjo

10.9k1834




10.9k1834










asked Dec 3 '18 at 11:19









Reckless Liberty

182




182












  • You really need to give us all the router configurations, and we need to know specifically what doesn't seem to be working. Also, if you are trying to run a routing protocol through NAPT, you must understand that is not going to work.
    – Ron Maupin
    Dec 3 '18 at 14:22


















  • You really need to give us all the router configurations, and we need to know specifically what doesn't seem to be working. Also, if you are trying to run a routing protocol through NAPT, you must understand that is not going to work.
    – Ron Maupin
    Dec 3 '18 at 14:22
















You really need to give us all the router configurations, and we need to know specifically what doesn't seem to be working. Also, if you are trying to run a routing protocol through NAPT, you must understand that is not going to work.
– Ron Maupin
Dec 3 '18 at 14:22




You really need to give us all the router configurations, and we need to know specifically what doesn't seem to be working. Also, if you are trying to run a routing protocol through NAPT, you must understand that is not going to work.
– Ron Maupin
Dec 3 '18 at 14:22










1 Answer
1






active

oldest

votes


















4














Looks like the NAT access-list 1 is too tight. host 10.0.0.0 will only match the single host with address 10.0.0.0, and you have no such host.



You almost certainly wanted this:



access-list 1 permit 10.0.0.0 0.0.0.255


which will include your hosts at the bottom of your diagram.






share|improve this answer























  • The wildcard mask got me. I entered it as a subnet mask. so, was my other traffic going as normal and NAT was just waiting for host 10.0.0.0 to translate?
    – Reckless Liberty
    Dec 3 '18 at 11:49












  • Also, can you please tell me how you edited my code to be in it's original format? thanks again
    – Reckless Liberty
    Dec 3 '18 at 11:51










  • Re mask: I believe so. Re formatting: mark some text, click { } in little edit menu. For inline, use back-ticks. If you edit the question you'll see it.
    – jonathanjo
    Dec 3 '18 at 11:53












  • I can't edit, I'm too new., what's a backtick?
    – Reckless Liberty
    Dec 3 '18 at 11:55












  • The back-tick is also sometimes called left-single-quote or grave (which I can't type here) en.wikipedia.org/wiki/Grave_accent#Use_in_programming You don't type the braces, you click on the braces icon, which isn't obvious to me either. Or you can type four spaces at the front of each line (and blank lines above and below) a block to mark it like the configs.
    – jonathanjo
    Dec 3 '18 at 11:59













Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "496"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55161%2fpat-not-translating-at-all%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









4














Looks like the NAT access-list 1 is too tight. host 10.0.0.0 will only match the single host with address 10.0.0.0, and you have no such host.



You almost certainly wanted this:



access-list 1 permit 10.0.0.0 0.0.0.255


which will include your hosts at the bottom of your diagram.






share|improve this answer























  • The wildcard mask got me. I entered it as a subnet mask. so, was my other traffic going as normal and NAT was just waiting for host 10.0.0.0 to translate?
    – Reckless Liberty
    Dec 3 '18 at 11:49












  • Also, can you please tell me how you edited my code to be in it's original format? thanks again
    – Reckless Liberty
    Dec 3 '18 at 11:51










  • Re mask: I believe so. Re formatting: mark some text, click { } in little edit menu. For inline, use back-ticks. If you edit the question you'll see it.
    – jonathanjo
    Dec 3 '18 at 11:53












  • I can't edit, I'm too new., what's a backtick?
    – Reckless Liberty
    Dec 3 '18 at 11:55












  • The back-tick is also sometimes called left-single-quote or grave (which I can't type here) en.wikipedia.org/wiki/Grave_accent#Use_in_programming You don't type the braces, you click on the braces icon, which isn't obvious to me either. Or you can type four spaces at the front of each line (and blank lines above and below) a block to mark it like the configs.
    – jonathanjo
    Dec 3 '18 at 11:59


















4














Looks like the NAT access-list 1 is too tight. host 10.0.0.0 will only match the single host with address 10.0.0.0, and you have no such host.



You almost certainly wanted this:



access-list 1 permit 10.0.0.0 0.0.0.255


which will include your hosts at the bottom of your diagram.






share|improve this answer























  • The wildcard mask got me. I entered it as a subnet mask. so, was my other traffic going as normal and NAT was just waiting for host 10.0.0.0 to translate?
    – Reckless Liberty
    Dec 3 '18 at 11:49












  • Also, can you please tell me how you edited my code to be in it's original format? thanks again
    – Reckless Liberty
    Dec 3 '18 at 11:51










  • Re mask: I believe so. Re formatting: mark some text, click { } in little edit menu. For inline, use back-ticks. If you edit the question you'll see it.
    – jonathanjo
    Dec 3 '18 at 11:53












  • I can't edit, I'm too new., what's a backtick?
    – Reckless Liberty
    Dec 3 '18 at 11:55












  • The back-tick is also sometimes called left-single-quote or grave (which I can't type here) en.wikipedia.org/wiki/Grave_accent#Use_in_programming You don't type the braces, you click on the braces icon, which isn't obvious to me either. Or you can type four spaces at the front of each line (and blank lines above and below) a block to mark it like the configs.
    – jonathanjo
    Dec 3 '18 at 11:59
















4












4








4






Looks like the NAT access-list 1 is too tight. host 10.0.0.0 will only match the single host with address 10.0.0.0, and you have no such host.



You almost certainly wanted this:



access-list 1 permit 10.0.0.0 0.0.0.255


which will include your hosts at the bottom of your diagram.






share|improve this answer














Looks like the NAT access-list 1 is too tight. host 10.0.0.0 will only match the single host with address 10.0.0.0, and you have no such host.



You almost certainly wanted this:



access-list 1 permit 10.0.0.0 0.0.0.255


which will include your hosts at the bottom of your diagram.







share|improve this answer














share|improve this answer



share|improve this answer








edited Dec 3 '18 at 12:54

























answered Dec 3 '18 at 11:30









jonathanjo

10.9k1834




10.9k1834












  • The wildcard mask got me. I entered it as a subnet mask. so, was my other traffic going as normal and NAT was just waiting for host 10.0.0.0 to translate?
    – Reckless Liberty
    Dec 3 '18 at 11:49












  • Also, can you please tell me how you edited my code to be in it's original format? thanks again
    – Reckless Liberty
    Dec 3 '18 at 11:51










  • Re mask: I believe so. Re formatting: mark some text, click { } in little edit menu. For inline, use back-ticks. If you edit the question you'll see it.
    – jonathanjo
    Dec 3 '18 at 11:53












  • I can't edit, I'm too new., what's a backtick?
    – Reckless Liberty
    Dec 3 '18 at 11:55












  • The back-tick is also sometimes called left-single-quote or grave (which I can't type here) en.wikipedia.org/wiki/Grave_accent#Use_in_programming You don't type the braces, you click on the braces icon, which isn't obvious to me either. Or you can type four spaces at the front of each line (and blank lines above and below) a block to mark it like the configs.
    – jonathanjo
    Dec 3 '18 at 11:59




















  • The wildcard mask got me. I entered it as a subnet mask. so, was my other traffic going as normal and NAT was just waiting for host 10.0.0.0 to translate?
    – Reckless Liberty
    Dec 3 '18 at 11:49












  • Also, can you please tell me how you edited my code to be in it's original format? thanks again
    – Reckless Liberty
    Dec 3 '18 at 11:51










  • Re mask: I believe so. Re formatting: mark some text, click { } in little edit menu. For inline, use back-ticks. If you edit the question you'll see it.
    – jonathanjo
    Dec 3 '18 at 11:53












  • I can't edit, I'm too new., what's a backtick?
    – Reckless Liberty
    Dec 3 '18 at 11:55












  • The back-tick is also sometimes called left-single-quote or grave (which I can't type here) en.wikipedia.org/wiki/Grave_accent#Use_in_programming You don't type the braces, you click on the braces icon, which isn't obvious to me either. Or you can type four spaces at the front of each line (and blank lines above and below) a block to mark it like the configs.
    – jonathanjo
    Dec 3 '18 at 11:59


















The wildcard mask got me. I entered it as a subnet mask. so, was my other traffic going as normal and NAT was just waiting for host 10.0.0.0 to translate?
– Reckless Liberty
Dec 3 '18 at 11:49






The wildcard mask got me. I entered it as a subnet mask. so, was my other traffic going as normal and NAT was just waiting for host 10.0.0.0 to translate?
– Reckless Liberty
Dec 3 '18 at 11:49














Also, can you please tell me how you edited my code to be in it's original format? thanks again
– Reckless Liberty
Dec 3 '18 at 11:51




Also, can you please tell me how you edited my code to be in it's original format? thanks again
– Reckless Liberty
Dec 3 '18 at 11:51












Re mask: I believe so. Re formatting: mark some text, click { } in little edit menu. For inline, use back-ticks. If you edit the question you'll see it.
– jonathanjo
Dec 3 '18 at 11:53






Re mask: I believe so. Re formatting: mark some text, click { } in little edit menu. For inline, use back-ticks. If you edit the question you'll see it.
– jonathanjo
Dec 3 '18 at 11:53














I can't edit, I'm too new., what's a backtick?
– Reckless Liberty
Dec 3 '18 at 11:55






I can't edit, I'm too new., what's a backtick?
– Reckless Liberty
Dec 3 '18 at 11:55














The back-tick is also sometimes called left-single-quote or grave (which I can't type here) en.wikipedia.org/wiki/Grave_accent#Use_in_programming You don't type the braces, you click on the braces icon, which isn't obvious to me either. Or you can type four spaces at the front of each line (and blank lines above and below) a block to mark it like the configs.
– jonathanjo
Dec 3 '18 at 11:59






The back-tick is also sometimes called left-single-quote or grave (which I can't type here) en.wikipedia.org/wiki/Grave_accent#Use_in_programming You don't type the braces, you click on the braces icon, which isn't obvious to me either. Or you can type four spaces at the front of each line (and blank lines above and below) a block to mark it like the configs.
– jonathanjo
Dec 3 '18 at 11:59




















draft saved

draft discarded




















































Thanks for contributing an answer to Network Engineering Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55161%2fpat-not-translating-at-all%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to send String Array data to Server using php in android

Image
0 I have a String array which contains value string array = {6,37,38,837,7,...} and I have also used some string values. I want to send that all string values and string array to my database which is located at server side. When I am click on submit button the data will stored in table. On the PHP side I want to read this array as it is,other thing i will do at background means PHP side. See my below code then you will get it what I am says. Here is my code: public class Hotels extends Activity { // Declare Variables JSONArray jsonarray = null; private static final String TAG_ID = "id"; public static final String TAG_NAME = "name"; public static final String TAG_LOCATION = "location"; public static final String TAG_DESC = "description"; String f_date, l_date;...
Read more

Title Spacing in Bjornstrup Chapter, Removing Chapter Number From Contents

Image
up vote 5 down vote favorite 2 I would like to make it so that the vertical space below the title of each chapter is the same when using the Bjornstrup package (i.e. so that the descenders do not affect the spacing - as shown by the red arrow in the picture below). I think I'm fairly happy with the spacing around "A chapter", so I'd really like titles without descenders (e.g. "Contents") to have the same vertical spacing as "A chapter" below the title. I would also like to remove the large "0" in the contents title. Any help appreciated, as always. documentclass[11pt,a4paper]{book} % Packages[![enter image description here][1]][1] usepackage[left=3.5cm, right=3.5cm, top=4.3cm, bottom=4.25cm]{geometry} usepackage[utf8]{inputenc} usepackage{libertine} usepackage[libertine]{newtx...
Read more

Is anime1.com a legal site for watching anime?

Image
up vote 4 down vote favorite 1 Other anime streaming sites are blocking my IP because I'm Iranian while anime1.com isn't. I wanted to know if it's legal to watch/stream anime from this site. Thanks. anime-production share | improve this question edited Nov 27 at 22:38 W. Are 1,599 2 23 asked Nov 27 at 20:36 mhnajafi 23 3 add a comment ...
Read more