Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
950
Views
0
Helpful
3
Replies

2901 Router Configuration

PATRICK_BRE
Level 1
Level 1

‎11-29-2012 04:31 PM - edited ‎03-04-2019 06:16 PM

Does anyone see any issues with this base configuration. For some reason NAT seems to be only partially working. My LAN user can use a browser to search web sites. However when they click on a website link the browser will not pull down the pages. NAT must be working to a certain level or they would not even be able to bring up google and search site at all. Thanks for any sugestion.

!

hostname WFNR1

!

boot-start-marker

boot-end-marker

!

no aaa new-model

!

resource policy

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

!

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool LOCAL

   network 10.10.10.0 255.255.255.0

   default-router 10.10.10.1

   dns-server 199.19.167.2 199.19.167.3

!

!

no ip ips deny-action ips-interface

!

!

!

interface Loopback0

no ip address

!

interface GigaBitEthernet0/0

description LOCAL INTERFACE

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface GigabitEthernet0/1

description WAN INTERFACE

ip address 199.19.166.162 255.255.255.252

ip nat outside

ip route-cache flow

no cdp enable

duplex auto

speed auto

!

interface Async1

no ip address

!

ip classless

ip route 0.0.0.0 0.0.0.0 199.19.166.161

!

!

no ip http server

no ip http secure-server

ip nat inside source list NAT interface GigaBitEthernet0/1 overload

!

ip access-list extended NAT

permit ip 10.10.10.0 0.0.0.255 any

!

!

!

!

!

control-plane

!

Labels:
0 Helpful
3 Replies 3

Raju Sekharan
Cisco Employee
Cisco Employee

‎11-29-2012 04:50 PM

This NAT configuration is enough for browsing to work

Check if there is some MTU issues or DNS resolution issues

You may need to sniff the packets to see what is going on

Raju

0 Helpful

PATRICK_BRE
Level 1
Level 1
In response to Raju Sekharan

‎11-29-2012 05:19 PM

I should have mentioned that I have tried making adjustments with the mtu using a variety of sizes start at 1400 then incrementing 1410. 1420 1430 etc. Still no success. As far as DNS issues are you suggesting this could be an issue with the ISP. I have confirmed multiple time that these are the correct DNS values. Clients can ping the public address no problem and as stated they can perform google searches to find web sites however when the links are clicked they simple time out and not load. Can you suggest packet sniffer.

Finally though? As far as you can see is the config I am using look CORRECT? 

many many many thanks

0 Helpful

Raju Sekharan
Cisco Employee
Cisco Employee
In response to PATRICK_BRE

‎11-29-2012 05:31 PM

Hi Patrick

You have the right configs for NAT.

As mentioned eariler. if you sniff the packets for 1 or 2 minutes, it will help to narrow down the issue.

Raju

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card