07-21-2003 11:07 AM - edited 03-02-2019 08:59 AM
Hi!
I have implemented NAT on my 1605R router but I having some problems..
Since then I can't send outgoing mail with SMTP.
The mailserver belongs to my ISP.
I get a message that the TCP/IP connection was lost when I'm sending a mail. That worked before I implemented NAT. And I also trying to port forwarding web traffic to a machine on the inside.
I get a connection, but no pages displays.
Please look at my config and give me hints whats wrong? Only the password parts are missing from it:
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Tilda
!
boot system tftp c1600-sy-mz.123-1.bin 192.168.1.5
logging console critical
enable password <----------->
!
ip subnet-zero
ip name-server 192.71.220.10
!
ip accounting-threshold 10
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
!
!
!
interface Ethernet0
description connected to EthernetLAN
ip address 192.168.1.1 255.255.255.0
ip accounting output-packets
ip nat inside
!
interface Ethernet1
description Internet
no ip address
no ip redirects
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface Dialer1
ip address negotiated previous
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username <account + password>
!
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.1.21 80 interface Dialer1 80
ip nat inside source static tcp 192.168.1.1 23 interface Dialer1 443
ip nat inside source static tcp 192.168.1.5 25 interface Dialer1 25
ip nat inside source static tcp 192.168.1.5 5900 interface Dialer1 8080
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
!
snmp-server community public RO
snmp-server enable traps tty
!
end
Best regards
/Leif
07-21-2003 01:24 PM
At least for mail, I suggest a static nat entry for your inside to outside server address
07-21-2003 09:20 PM
Are you sure you are getting the same ip address (public ip) negotiated from your ISP ??? If this keeps changing, you might have problems receiving email communications, between outside servers and your internal server. (Even though DNS records will have a static entry). Its better to put a static pubic ip address, instead of specifying the ip address of the dialer interface, which is negotiated each time.
07-21-2003 11:09 PM
No, I don't get the same ip address but it doesn't matter. I don't have a mailserver on my network. The mailserver for pop and smtp are on the Internet.
07-22-2003 07:59 AM
If thats the case, then you dont need all those static tcp mappings for the NAT. Just a simple nat statement such as,
"ip nat inside source list 1 interface dialer 1 overload" would do the job.
07-21-2003 11:12 PM
How do you mean? Is it really necessary?
Can you give a example?
07-22-2003 07:47 AM
Hi, I suggest you just do a stic nat and ignore the protocol part of it.
i mean the line
ip nat inside source list 1 interface Dialer1 overload
is enough and you should remove the other ip nat commands specifying the port and protocols.
cheers.
07-22-2003 10:27 AM
But how do I direct traffic to other hosts on my network without them? Is "ip nat inside source static 192.168.1.5 interface Ethernet 1" enough?
But if I have other hosts?
07-22-2003 01:17 PM
Yes, it worked better! Thank you!
07-23-2020 04:41 PM
hi @gold78 can you please mention what worked better?
07-24-2020 12:03 AM
Hello,
the last post was from 2003, you might not get an answer from this contributor anymore. What are you after ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide