Command refference guide for EG3250
|
Hi team, i can not find CLI command reference guide for EG3250. Right now i'm looking for the way to configure unusual NAT using CLI, there's no info about it. Please help. |
|
Really sorry for your inconvenience. Now we dont have a CLI commands guide for gateway. May I know which type of NAT you want to configure? Could you elaborate more about this? |
Edited by Dmitry Bairoff at 2023-2-20 15:50 Patrick replied at 2023-2-20 10:46Hi Patrik, i am trying to create a simple overload nat according to instructions from RCNA course. int g0/2 ip addres 192.168.20.1 255.255.255.0 ip nat outside int g0/6 ip addres 192.168.60.1 255.255.255.0 ip nat inside access-list 10 permit 192.168.60.1 255.255.255.0 access-list 10 permit 172.16.0.0 255.255.0.0 access-list 10 permit 10.1.0.0 255.255.0.0 #### this is because i have several routed networks behind this EG3250, and i test from all of them, not working ip nat inside source list 10 interface g0/6 overload ##### I'm not sure if it's important or not, my config also has these lines: sys-mode gateway ! specify interface GigabitEthernet 0/0 lan specify interface GigabitEthernet 0/1 wan specify interface GigabitEthernet 0/2 lan specify interface GigabitEthernet 0/3 lan specify interface GigabitEthernet 0/4 lan specify interface GigabitEthernet 0/5 lan specify interface GigabitEthernet 0/6 lan specify interface GigabitEthernet 0/7 lan specify interface GigabitEthernet 0/9 lan specify interface TenGigabitEthernet 0/0 lan  show ip nat translations command shows nothing. And i have no ideas how else can i check what's wrong. |
Dmitry Bairoff replied at 2023-2-20 15:42 1."ip nat outside" --- this command should be used in the WAN port of EG. In your case, the g0/2 is LAN port. Please confirm again. 2.The format for ACLs is wrong, the wildcard should be this: 0.0.0.255 --- for /24. such as: access-list 10 permit 192.168.60.0 0.0.0.255 3."ip nat inside source list 10 interface g0/6 overload" --- the interface in this command should be the nat outside port (WAN port) For checking commands, you also can use these: show access-list xxx --- xxx is the ACL number, check the ACL config show run int g x/y --- x/y is the port number, you can use this command to check the configuration of physical ports |
Patrick replied at 2023-2-20 17:18 I'm not besides the device now, can't perform checks, will be there on next monday. I was typing commands here as i remember them. Now checked again with the dump of config file: specify interface GigabitEthernet 0/0 lan specify interface GigabitEthernet 0/1 wan specify interface GigabitEthernet 0/2 lan specify interface GigabitEthernet 0/3 lan specify interface GigabitEthernet 0/4 lan specify interface GigabitEthernet 0/5 lan specify interface GigabitEthernet 0/6 lan specify interface GigabitEthernet 0/7 lan specify interface GigabitEthernet 0/9 lan specify interface TenGigabitEthernet 0/0 lan ip access-list standard 10 10 permit 172.16.10.0 0.0.0.255 20 permit 192.168.60.0 0.0.0.255 30 permit 192.168.70.0 0.0.0.255 interface GigabitEthernet 0/1 ip address dhcp ip nat outside interface GigabitEthernet 0/6 ip address 192.168.60.1 255.255.255.0 ip nat inside ip nat inside source list 10 interface GigabitEthernet 0/1 overload |
Dmitry Bairoff replied at 2023-2-20 17:37 The config is okay. Now you only need to make sure that the ip route is correct. When the users under EG can get ip and access Internet, then you can check the nat translation table. |
Patrick replied at 2023-2-20 18:09 but it's not working :-( i haven't tried sh ip route after obtaining ip on Ge0/1, i'm sure i was able to ping interner from this EG3250. I'll return back to the router in a week and let you know the result of test. |
Dmitry Bairoff replied at 2023-2-20 19:04 Yes, please make sure there is an default route pointed to your ISP modem on EG. If on EG, you can ping Internet with its WAN port, then you may check the downlink devices of EG. |
This site contains user submitted content, comments and opinions and is for informational purposes only. Ruijie may provide or recommend responses as a possible solution based on the information provided; every potential issue may involve several factors not detailed in the conversations captured in an electronic forum and Ruijie can therefore provide no guarantee as to the efficacy of any proposed solutions on the community forums. Ruijie disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Ruijie Community Terms of Use.
More ways to get help: Visit Support Videos, call us via Service Hotline, Facebook or Live Chat.
©2000-2023 Ruijie Networks Co,Ltd
Level 1
