Is It Possible to Ping Static NAT Address?

I made a post yesterday, but probably made it way to confusing.

I guess my question is: is it possible to ping a device that has been assigned a static NAT address?

For instance, I have a server

On my router I have:

ip nat inside source static

On my access list, I have permit icmp any host echo-reply

But when I try to ping, I get "destination net unreachable" from the router for the network on which the server resides.

Thank you

Reply to
Loading thread data ...

Which access list is that?

ip nat inside is not used unless the traffic makes its way to an interface where ip nat outside has been configured. When your traffic crosses between "inside" and "outside" that's automatic but when you are trying to have the ping loop around, the traffic is coming from the inside and destined to the inside so there is no crossing.

I have not configured IOS nat myself so I don't know which tricks are available. If the above is something you -need- to do then you plausibly might have to configure a loopback interface in the mix.

But -needing- to do this is uncommon: usually it is better to set up DNS so that you get handed different IPs depending on which side is doing the asking. Some people have said that they need to do this "for monitoring purposes", but I'm not certain what the point is considering all the different ways that looping back through a local router differs from accessing through a remote host

Reply to
Walter Roberson

If the access-list is bound to the outside interface then try changing your access list to icmp echo and not echo-reply:-

permit icmp any host echo


Walter Robers> >

Reply to

So, you want to reach the server via Now, when you configure a static IP, shouldn't you add the subnet mask of the server?

The Dude

Reply to
The Dude Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.