06-23-2014 06:59 PM - edited 03-03-2019 07:28 AM
I am building a home lab. I have a 1841 router connected to the ISP router and is configured and works good. I have 3550 switch inside my network. I can ping as far as the outside interface on the router, but not further then that. No idea why. I have enabled IP routing on the switch and I have redirected all unknown traffic out of the routers interface. Can anyone suggest something. I have no idea why is not working. I configure the interface fa0/1 on the router with sub-interface and I used the encapsulation dot1q. On the switch I configured the interface that I have the PC as access and the interface that goes to the router as a trunking. But still the same problem.
Solved! Go to Solution.
06-24-2014 05:57 AM
Hi ,
Apply below commands on your router , After that you can ping to any destination from your switch and Host connected to switch .
interface FastEthernet0/0
ip nat outside
!
interface FastEthernet0/1
ip nat inside
access-list 1 permit 40.0.0.0 0.255.255.255
ip nat inside source list 1 interface FastEthernet0/0 overload
HTH
Sandy
06-23-2014 08:13 PM
Hi ,
Sub-interface configuration on your router and trunk port configuration on your switch should have proper dot1q encapsulation set .
If you are using private non-routable IP address for your LAN segement
ip nat inside (router sub-interface ) & ip nat outside (router wan interface) must be set on router with corresponding NAT interface overloading your WAN interface .
share your switch & router config
HTH
Sandy
06-24-2014 05:13 AM
Hi SantoshKumar S
I created acces-list extended 101
After I started ip nat source and the interface global
When I try to do it on the interface I got this strange message and the router stoped responding:
*Jun 24 12:33:52.215: %SYS-2-MALLOCFAIL: Memory allocation of 32768 bytes failed from 0x602D2F44, alignment 0
Pool: Processor Free: 22372 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Exec", ipl= 0, pid= 99, -Traceback= 0x6029C8CCz 0x602BA054z 0x602D226Cz 0x60F81C78z 0x60F81CF0z 0x60F81D88z 0x60F85704z 0x60FAC2E8z 0x625B2DA8z 0x625B2D8Cz
I have never seen this before
Any Idea why this happened?
06-24-2014 05:16 AM
Hi ,
After I started ip nat source and the interface global , what do you mean by global her ?? your WAN interface .
Kindly share me your router config .
HTH
Sandy
06-24-2014 05:39 AM
Yes. The inteface that is connected to the isp router.
Below is my switch configuration and router configuration:
SW-A#show configuration
Using 2303 out of 393216 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW-A
!
enable secret 5 $1$xDZm$LLcViCdbcXDWmPlfk.2VD.
!
ip subnet-zero
ip routing
!
no ip domain-lookup
ip domain-name papa.com
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
switchport mode dynamic desirable
!
interface FastEthernet0/2
switchport mode dynamic desirable
!
interface FastEthernet0/3
switchport mode dynamic desirable
!
interface FastEthernet0/4
switchport mode dynamic desirable
!
interface FastEthernet0/5
switchport mode dynamic desirable
!
interface FastEthernet0/6
switchport mode dynamic desirable
!
interface FastEthernet0/7
switchport mode dynamic desirable
!
interface FastEthernet0/8
switchport mode dynamic desirable
!
interface FastEthernet0/9
switchport mode dynamic desirable
!
interface FastEthernet0/10
switchport mode dynamic desirable
!
interface FastEthernet0/11
switchport mode dynamic desirable
!
interface FastEthernet0/12
switchport mode dynamic desirable
!
interface FastEthernet0/13
switchport mode dynamic desirable
!
interface FastEthernet0/14
switchport mode dynamic desirable
!
interface FastEthernet0/15
switchport mode dynamic desirable
!
interface FastEthernet0/16
switchport mode dynamic desirable
!
interface FastEthernet0/17
switchport mode dynamic desirable
!
interface FastEthernet0/18
switchport mode dynamic desirable
!
interface FastEthernet0/19
switchport mode dynamic desirable
!
interface FastEthernet0/20
switchport mode dynamic desirable
!
interface FastEthernet0/21
switchport mode dynamic desirable
!
interface FastEthernet0/22
switchport mode dynamic desirable
!
interface FastEthernet0/23
switchport mode dynamic desirable
switchport voice vlan 1
spanning-tree portfast
!
interface FastEthernet0/24
switchport mode dynamic desirable
switchport voice vlan 1
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport mode dynamic desirable
!
interface GigabitEthernet0/2
switchport mode dynamic desirable
!
interface Vlan1
ip address 40.0.0.2 255.0.0.0
!
ip default-gateway 40.0.0.1
ip classless
ip route 0.0.0.0 0.0.0.0 40.0.0.1
ip http server
!
!
line con 0
line vty 0 4
password papa
login
line vty 5 15
login
!
!
end
and router:
Router#show configuration
Using 913 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
dot11 syslog
ip source-route
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.0.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 40.0.0.1 255.0.0.0
duplex auto
speed auto
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
interface Serial0/0/1
no ip address
shutdown
clock rate 2000000
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.0.1
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
end
Thank you
06-24-2014 05:57 AM
Hi ,
Apply below commands on your router , After that you can ping to any destination from your switch and Host connected to switch .
interface FastEthernet0/0
ip nat outside
!
interface FastEthernet0/1
ip nat inside
access-list 1 permit 40.0.0.0 0.255.255.255
ip nat inside source list 1 interface FastEthernet0/0 overload
HTH
Sandy
06-24-2014 07:58 AM
Thank you.
I will try this as soon as I go home. i just got at work.
What I dont understand is why the router give me the above error when i try to enable nat on the global interface. At the interface connected to wan. I had to restart the router because it was not taking any commands anymore.
Thanks again.
06-24-2014 07:30 PM
I think my router has a problem. I dont think is the configuration. I try what you sad up and this is what happened:
Router(config-if)#ip nat outside
% NBAR ERROR: due to memory problem, parsing stopped
% NBAR Error : Activation failed due to insufficient dynamic memory
% NBAR Error: Stile could not add protocol node
%NAT: Error activating CNBAR on the interface FastEthernet0/0
Router(config-if)#
*Jun 25 02:50:08.192: %SYS-2-MALLOCFAIL: Memory allocation of 10260 bytes failed from 0x6246BDC0, alignment 0
Pool: Processor Free: 54504 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Exec", ipl= 0, pid= 3, -Traceback= 0x6029C8CCz 0x602B57A8z 0x631414B4z 0x6246B468z 0x6246B5CCz 0x6244680Cz 0x624468E4z 0x624469E0z 0x62446884z 0x624469E0z 0x62446884z 0x624469E0z 0x62447548z 0x6247FC0Cz 0x6248AC50z 0x62476FC4z
*Jun 25 02:50:08.196: %NBAR-2-NOMEMORY: No memory available for StILE lmalloc, -Traceback= 0x6246B490z 0x6246B5CCz 0x6244680Cz 0x624468E4z 0x624469E0z 0x62446884z 0x624469E0z 0x62446884z 0x624469E0z 0x62447548z 0x6247FC0Cz 0x6248AC50z 0x62476FC4z 0x62496338z 0x624966D0z 0x6170DC78z
*Jun 25 02:50:08.664: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up$gon 2
I will try the same in another router. I have 2811 and I wil do it in a moment and let you know what hapened
06-24-2014 08:06 PM
I did configure NAT in a new router. If i connect the pc straight to the routers fa0/1 interface, everything works perfect. But when I connected through the switch, nothing works.
Any suggestions please?
06-24-2014 09:02 PM
Hi ,
Are you using straight cable between your router & switch ?? if so use cross cable old model router and switch dont have auto MDIX
check following thing
1) from the switch ping locally the IP address assigned for Vlan 1 40.0.0.2
2) From the host ping to switch VLAN IP address 40.0.0.2
3) From the switch see you are able to switch host MAC address and arp table
if all three statement matches , then check for speed & duplex settings from router to switch ensure both side are same . After fine tuning speed & duplex settings if it doesnt work then you need to change it cross cable .
HTH
Sandy
08-08-2014 01:12 PM
I am sorry I had to time to log in here and update my post. Tha problem was my routers memory. I update the IOS and everything is good now. Thank you Santosh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide