Your company (Company ABC) makes a new contract with a Partner for a new research project. This requires connectivity between the Research Departments of the two companies.
Unfortunately, both companies uses the same private addressing space,
192.168.0.0/16, for internet network.
In order to perform the connectivity, Network Address Translation needs to be configured, but your partner company does not have a dedicated network team (they outsource the network changes to external parties, when needed) so in order to make this work as soon as possible, the NAT is performed on Company ABC's border router (R2) as shown below:
The target is:
- your company's server 192.168.11.1 will be seen as 172.16.23.1 on the partner side
- partner server 192.168.44.4 will be seen as 192.168.1.4 inside your company's network
Another constraint that exist within your network, is the fact that your border router (R2) is already using the old-style NAT (as apposed to new NVI, NAT Virtual Interface, feature) to hide/translate your internal network behind serial0/0 interface towards the Internet (R5=ISP), so for the moment, you have to use the legacy methods.
Unfortunately, there's something wrong with the new NAT because the connectivity between R1 and R4 is not working.
Here is the troubleshooting that you perform (
deb ip nat detailedIP NAT detailed debugging is on R2# *Mar 1 01:26:24.335: NAT*: o: icmp (192.168.44.4, 3) -> (172.16.23.1, 3)  *Mar 1 01:26:24.335: NAT*: s=192.168.44.4->192.168.1.4, d=172.16.23.1  *Mar 1 01:26:24.335: NAT*: s=192.168.1.4, d=172.16.23.1->192.168.11.1  R2# R2# sh ip nat translationsPro Inside global Inside local Outside local Outside global --- --- --- 192.168.1.4 192.168.44.4 icmp 172.16.23.1:3 192.168.11.1:3 192.168.1.4:3 192.168.44.4:3 --- 172.16.23.1 192.168.11.1 --- --- R2#un all
What is the problem?
Post your answer in the 'Comments' section below and subscribe to this blog to get the detailed solution and more interesting quizzes.