I'm having some trouble with a small vlan and nat setup. Only one of my vlans are being nat'd out to the internet. With the other vlan, I can ping the WAN interface but nothing gets nat'd past it. some of the nat debug messages have the following:
02:33:25: NAT: failed to allocate address for 172.16.96.2, list/map 3and
02:33:25: NAT: address not stolen for 172.16.96.2, proto 1 port 512Do you have to a seperate WAN public IP address to overload on for each nat pool or can you overload multiple vlans on the same WAN IP?
Here are relevant parts of the config:
interface FastEthernet0/0.2 description PCG Administration and OPS encapsulation dot1Q 2 ip address 192.168.96.1 255.255.255.128 no ip directed-broadcast ip nat inside no ip route-cache no ip mroute-cache ! interface FastEthernet0/0.3 description PCG CONFERENCE ROOMS encapsulation dot1Q 3 ip address 172.16.96.1 255.255.255.128 no ip directed-broadcast ip nat inside no ip route-cache no ip mroute-cache ! ip nat pool PCC 68.223.124.183 68.223.124.183 prefix-length 25 ip nat inside source list 2 pool PCC overload ip nat inside source list 3 pool PCC overload ! access-list 2 permit 192.168.96.0 0.0.0.255 access-list 3 permit 172.16.96.0 0.0.0.255
Any help would greatly be appreciated.
Thanks,
Scott