3 troubleshooting cases, Networking, Fault analysis – Panasonic 8000 User Manual

Page 139: 5 troubleshooting cases -23

Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".

Advertising
background image

Nortel Secure Router 8000 Series
Troubleshooting - VAS__________

4 NAT troubleshooting

4.3 Troubleshooting cases

4.3.1 Internal Network Cannot Successfully Ping the External

Network After NAT Is Configured on the Router

Networking

In the network shown in Figure 4-6, outbound NAT is configured; Router A is connected to
the internal network; Router C is connected to the external network. It is required that NAT be
configured on Router B to implement the communication between the internal network and
external network.

Figure 4-6 Internal network fails to ping the external network

Internal
network

External
network

RouterA

Eth4/0/1

10.1.1.1/24

RouterB

Eth2/0/1

10.1.1.2/24

Eth4/0/0

202.1.1.1/24

RouterC

Eth4/0/6

202.1.1.2/24

SR8000

After the configuration, you can find that Ethernet 2/0/1 on Router A cannot successfully ping
Ethernet 4/0/6 on Router C.

Fault Analysis

Step 1 Run the display interface command on Router A, Router B, and Router C to check the status

of each interface. You can find that the four interfaces on the routers are all Up and the
directly connected interface can be successfully pinged from each other.

Step 2 Run the ping 10.1.1.2 command on Router C and then run the display this interface

command on Router A to view the statistics of incoming packets on Ethernet 2/0/1. You can
find that the statistics increase, which indicates that the ACL is correctly configured on Router
B.

Step 3 Run the display ip routing-table command on Router B to check whether there are routes to

the external network segment where the destination IP address resides. You can find that there
are routes to the external network segment.

Step 4 Run the display nat address-group command and the display this command on Router B to

check whether the addresses in the address pool and the IP address of Ethernet 4/0/0 are on
the same network segment. You can find that they are on different network segments.

Step 5 Run the display ip routing-table command on Router C to check whether there are routes to

the address pool. You can find that there are routes to the address pool.

Issue 01.01 (30 March 2009)

Nortel Networks Inc.

4-9

Advertising
Popular Brands
Popular manuals