NAT and Overload

  • NAT and Overload

    Hi all
    I have a Cisco 2811 router with 2 Fast Ethernet interfaces. Now I want to NAT all users who have invalid IPs( with 127 IP addresses(, except that if a user wants to connect to a special IP( all packets NAT with. I set it:
    access-list 111 permit icmp any host
    access-list 111 permit ip any host
    access-list 112 deny ip any host
    access-list 112 permit ip any

    ip nat pool Special netmask
    ip nat pool Users netmask

    ip nat inside source list 111 pool Special overload
    ip nat inside source list 112 pool Users overload

    Now I have 2 problems:
    If I set overload, I see all users assigned to the first IP of pool Users, and after all sockets on this IP are filled another IP is assigned to them. If I remove overload from NAT Users, after 5 hours I see all IPs in this pool assigned to users, however some of those IPs are not assigned to a current user (the user got service and left, but the IP was not freed). At that time, if I type "Clear IP NAT Translations *", the NAT pool assigns from the beginning and frees IPs, but that is manual, not automatic. This is the first problem. I see another problem if I do not use overload in NAT Users: in that state the first NAT (Special NAT) does not work, because all users and all services are from IPs in pool Users!!!!!
    Now I want to set up NAT so that all IPs in the pool are assigned to users without filling up, and the Special NAT works.

    Opssss!!!!!! Please help me!

  • #2
    Re: NAT and Overload

    If you want users to grab an IP address from the pool you should not use overload.
    For the NAT pool Special you will need overload as you only have one IP address in that pool.

    The NAT does not clear or time out once the session is dropped, but by default it times out after 24 hours. So if you have more potential users than addresses in your pool, you can increase your pool to have a sufficient number of addresses. You can shorten the NAT timeout to some number you deem sufficient, remembering the timeout is in seconds, not hours or minutes, or you can use the overload function and possibly shrink your pool of addresses.

    Not sure about your last statement here regarding not getting an address from the Special NAT pool. It looks like that pool is only going to be utilized for one address. If your configuration worked with overload on the USER pool, it should still work. If you removed overload on both pools, then that is a problem for the Special pool.
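
The pool behaviour described in #2, as an added example that is not part of the thread: a small model of dynamic NAT without overload, comparing the 24-hour default timeout with a 3600-second one. The pool size (126), the arrival pattern and the assumption that a host holds its address for as long as it keeps sending traffic are all constructed; only the 190 users and 100 simultaneous users come from the thread.

```python
# Added example: address occupancy of a dynamic NAT pool WITHOUT overload.
# Model (assumption): a host's pool address is held while it sends traffic and
# released only after `timeout` idle seconds.

POOL_SIZE = 126        # assumed pool size; the thread does not state it
# Constructed workload: 190 hosts, one arriving every 150 s, each online 15000 s.
SESSIONS = [(f"host{i}", i * 150, i * 150 + 15000) for i in range(190)]


def max_active(sessions):
    """Largest number of hosts online at the same moment."""
    return max(sum(1 for _, s, e in sessions if s <= t < e)
               for _, t, _ in sessions)


def simulate(sessions, pool_size, timeout):
    """Return (peak addresses held, hosts denied, time of first denial)."""
    bindings = {}                      # host -> time its address is released
    peak, denied, first_denial = 0, 0, None
    for host, start, end in sorted(sessions, key=lambda s: s[1]):
        # Expire bindings that have been idle for `timeout` seconds.
        bindings = {h: t for h, t in bindings.items() if t > start}
        release_at = end + timeout
        if host in bindings:           # returning host keeps its address
            bindings[host] = max(bindings[host], release_at)
        elif len(bindings) < pool_size:
            bindings[host] = release_at
        else:                          # pool exhausted: no translation created
            denied += 1
            if first_denial is None:
                first_denial = start
        peak = max(peak, len(bindings))
    return peak, denied, first_denial


if __name__ == "__main__":
    print("max hosts online at once:", max_active(SESSIONS))
    for timeout in (86400, 3600):      # 24 h default vs. shortened timeout
        peak, denied, first = simulate(SESSIONS, POOL_SIZE, timeout)
        print(f"timeout={timeout:>5}s peak={peak} denied={denied} first_denial={first}")
```

In this model the pool has to cover every host seen within one timeout window, not just the hosts online at the same moment, which is why a pool larger than the simultaneous user count can still run out under the 24-hour default.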


    • #3
      Re: NAT and Overload

      Thank you, Casual, for your answer.
      Now I have to explain my problem again.
      If I do not use overload for NAT, after the router assigns an IP to a user the Special NAT does not work. For example, a user tries to and the router assigns to him, and after that if the user wants to connect to I debug NAT in the router and see IP try to connect to not this means the rule for Special NAT cannot work correctly.
      Another problem is that I have 190 users in my office and all of them can connect to the internet, but at most 100 users connect to the internet simultaneously.
      After 4 or 5 hours all IPs in the pool are assigned and a new user cannot get a valid IP. I set the NAT timeout to 3600 sec but I see this problem again.
      OK, the first problem is very important for me.
      Again, thank you for your help.
      Best Regards