Jump to content


Nat Question.

nat icnd2

  • Please log in to reply
3 replies to this topic

#1 turalo

turalo

    Newbie

  • Members
  • Pip
  • 35 posts
  • Gender:Male
  • Location:NL
  • Interests:ICT - Telecom

Posted 12 August 2013 - 06:38 AM

Hi guys,

 

I'm now preparing for the ICND2.  the topics:  nat, acces list etc...  I have a problem setting up a working nat. so the funny thing is I have set this many times, but since yesterday I'm unable to make it work.

Please check the run, can you see anything wrong ? what did I do wrong here ?

 

My problem is Im unable to get to internet. which is on router : 192.168.2.1 

I get a dhcp IP  and can ping the 192.168.3.1

and from the cisco router I can ping 192.168.2.1

I think something is wrong with acces list or nat overloading ?

 

I'm unable to ping from pc to 192.168.2.1 too, so it never passes the cisco router.

 

 

 

thanks in advance.

 

 

 

R1840#show run
Building configuration...

Current configuration : 1697 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1840
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$HWBE$L0t0HeMmjyAdGU0ZkOD6..
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1 192.168.3.5
!
ip dhcp pool LAN
   network 192.168.3.0 255.255.255.0
   dns-server 192.168.2.1
   default-router 192.168.3.1
!
!
no ip domain lookup
!
!
!
!
!
interface FastEthernet0/0
 ip address dhcp
 ip nat outside
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.3.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
interface Serial0/0/0
 no ip address
 shutdown
!
interface Serial0/0/1
 no ip address
 shutdown
 clock rate 2000000
!
ip classless
!
ip http server
ip nat source list INSIDE_LAN interface FastEthernet0/0 overload
!
ip access-list standard INSIDE_LAN
 permit 192.168.3.0 0.0.0.255
!
!
control-plane
!
banner motd ^C
  .oooooo.   ooooo  .oooooo..o   .oooooo.     .oooooo.   
 d8P'  `Y8b  `888' d8P'    `Y8  d8P'  `Y8b   d8P'  `Y8b  
888           888  Y88bo.      888          888      888
888           888   `"Y8888o.  888          888      888
888           888       `"Y88b 888          888      888
`88b    ooo   888  oo     .d8P `88b    ooo  `88b    d88'
 `Y8bood8P'  o888o 8""88888P'   `Y8bood8P'   `Y8bood8P'
^C
!
line con 0
 exec-timeout 0 0
 password 7 045802150C2E
 logging synchronous
 login
line aux 0
line vty 0 4
 password 7 121A0C041104
 login    
line vty 5 807
 password 7 121A0C041104
 login
!
end

R1840#show ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            192.168.2.106   YES DHCP   up                    up      
FastEthernet0/1            192.168.3.1     YES manual up                    up      
Serial0/0/0                unassigned      YES unset  administratively down down    
Serial0/0/1                unassigned      YES unset  administratively down down    
NVI0                       unassigned      YES unset  up                    up      
R1840#
R1840#
R1840#


Edited by turalo, 12 August 2013 - 06:47 AM.

  • 0

#2 chuphy

chuphy

    Cisco Expert

  • Technical Experts
  • PipPip
  • 128 posts
  • Gender:Female

Posted 12 August 2013 - 07:25 PM

Hi,

 

Try using the nat command like this: ip nat inside source list INSIDE_LAN interface FastEthernet0/0 overload.

 

From here, you can see that the ip nat source command is used "To enable Network Address Translation (NAT) on a virtual interface without inside or outside specification"

 

After applying the command, try starting a ping from the 1841 router with the source option, like this:

 

#ping 192.168.2.1 source 192.168.3.1

 

and then try to see what happened:

 

#show ip nat transl

 

Hope this helps!


  • 1

#3 turalo

turalo

    Newbie

  • Members
  • Pip
  • 35 posts
  • Gender:Male
  • Location:NL
  • Interests:ICT - Telecom

Posted 13 August 2013 - 04:28 AM

Hi,

 

Try using the nat command like this: ip nat inside source list INSIDE_LAN interface FastEthernet0/0 overload.

 

From here, you can see that the ip nat source command is used "To enable Network Address Translation (NAT) on a virtual interface without inside or outside specification"

 

After applying the command, try starting a ping from the 1841 router with the source option, like this:

 

#ping 192.168.2.1 source 192.168.3.1

 

and then try to see what happened:

 

#show ip nat transl

 

Hope this helps!

 

 

 

 

This works. thanks for you help. I still dont understa how could I miss this, I have set it so many times.

thanks again. now somehow DHCP stopped working, I need to check it :) but that's not a big problem.


  • 0

#4 turalo

turalo

    Newbie

  • Members
  • Pip
  • 35 posts
  • Gender:Male
  • Location:NL
  • Interests:ICT - Telecom

Posted 13 August 2013 - 04:18 PM

Now all works fine, nat and dhcp.

 

thanks again.


  • 0






Also tagged with one or more of these keywords: nat, icnd2

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users