Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1787
Views
0
Helpful
8
Replies

ADSL configuration with static NAT for mail server

Go to solution
chandimal.karunarathne
Level 1
Level 1

‎02-09-2012 10:53 PM - edited ‎03-04-2019 03:12 PM

I have configure 887 ADSL router with attached configuration. But users cant access internet properly. (Ex: yahoo and gmail mail cant access)

Therefore please check the configuration with my network design which I have attached.

Thank you,

Chandimal.K

Labels:
Preview file
75 KB
122234-Cisco 13-12-2011 final.txt.zip
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to chandimal.karunarathne

‎02-13-2012 01:23 AM

Hi,

I don't see any problem in your config and if you said you made the changes I proposed then it must another problem.

Can you  sniff the interface of the PC wile trying to browse the URLs which aren't working and post the capture file here

Can you also verify is NAT is working ok for these sites: debug ip nat along with sh ip nat trans

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to chandimal.karunarathne

‎02-15-2012 01:36 AM

Hi,

Don't forget to rate helpful posts and to mark the thread as solved.

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
8 Replies 8

Go to solution
chandimal.karunarathne
Level 1
Level 1

‎02-09-2012 11:32 PM

can you please help me this is the configuration.

! Last configuration change at 09:08:08 UTC Tue Dec 13 2011

!

version 15.1

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SLIT-ADSL-ROUTER

!

boot-start-marker

boot-end-marker

!

!

enable password 212145215412

!

no aaa new-model

memory-size iomem 10

ip source-route

!

!

!

!

!

ip cef

ip name-server 222.165.171.3

ip name-server 222.165.171.2

ip name-server 203.115.0.46

no ipv6 cef

!

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-2902486822

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2902486822

revocation-check none

!

!

crypto pki certificate chain TP-self-signed-2902486822

certificate self-signed 01

  30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 32393032 34383638 3232301E 170D3131 31323133 30383133

  33315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39303234

  38363832 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  81009070 3302F57C D5820174 D339F873 194064D5 66ECDF62 07AC25F2 1922FB76

  B7D0532F 3CE5139E 19DE0286 85C6DE7B 35CBE372 EEEFCB6A DE0DA942 63EA2A27

  202809E8 22620B24 DF4FD30C 3E7B3EAB 4C7C1983 3ABD982C C05EA6D1 C0A30ECD

  F0E1AA19 B6ACA00E 9366AD71 BC8311C8 694C1048 A76854C3 451D8839 A17CB0BC

  C6CB0203 010001A3 70306E30 0F060355 1D130101 FF040530 030101FF 301B0603

  551D1104 14301282 10534C49 542D4144 534C2D52 4F555445 52301F06 03551D23

  04183016 8014012D 71D7302D 2C7A52E6 97215CE4 4AC9E26B 0A31301D 0603551D

  0E041604 14012D71 D7302D2C 7A52E697 215CE44A C9E26B0A 31300D06 092A8648

  86F70D01 01040500 03818100 1D57E612 EA3F4C85 53AC8DD4 246ACA85 C8CB4FC1

  D4655B90 550B9D06 2C6186E8 30DF2564 01B9D2A1 272491E5 DE0AC5C9 B01FC027

  F2F06193 358B75DB A046D115 9295420F 1A1EA0F7 1DBCA77E 3F7C61E2 1C921568

  F47A2506 5DDE0E5F AA535D8B A826819F 0BC49454 1AA939B0 E5B2B883 D5BFCC71

  D27589CE 4308C751 D52DB1C5

        quit

license udi pid CISCO887VA-K9 sn FGL151921P1

!

!

username softlogic privilege 15 password 0 ipsec123

!

!

controller VDSL 0

!

!

!

!

!

interface Ethernet0

no ip address

shutdown

no fair-queue

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

no atm ilmi-keepalive

!

interface ATM0.1 point-to-point

description $ADSL_OUTSIDE$

ip flow ingress

pvc 8/35

  pppoe-client dial-pool-number 1

!

!

interface FastEthernet0

switchport access vlan 110

!

interface FastEthernet1

switchport access vlan 110

!

interface FastEthernet2

switchport access vlan 110

!

interface FastEthernet3

switchport access vlan 110

!

interface Vlan1

no ip address

!

interface Vlan110

ip address 10.0.0.254 255.255.255.0

ip nat inside

no ip virtual-reassembly in

!

interface Dialer0

ip address 220.247.236.140 255.255.255.0

ip mtu 1452

ip nat outside

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer string 0000000

dialer-group 1

ppp pap sent-username rm2622896@sltbb password 0 2622896

ppp ipcp dns request

ppp ipcp address accept

!

ip default-gateway 220.247.232.102

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

!

ip nat inside source list 1 interface Dialer0 overload

ip nat inside source static 10.0.0.100 220.247.236.140

ip route 0.0.0.0 0.0.0.0 Dialer0

ip route 192.168.1.0 255.255.255.0 10.0.0.1

!

logging esm config

access-list 1 permit 10.0.0.0 0.0.0.255

dialer-list 1 protocol ip permit

!

!

!

!

!

control-plane

!

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to chandimal.karunarathne

‎02-10-2012 12:33 AM

Hi,

can you try this:

int dialer0

no ip mtu 1452

ip mtu 1492

int vlan 110

ip tcp adjust-mss 1452

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

Go to solution
chandimal.karunarathne
Level 1
Level 1
In response to cadet alain

‎02-10-2012 02:01 AM

Hi Aliain,

Thank you very much, i'll check it and let you know.

Anyway is there any problem with my NAT rule? i have only one public ip that i have to use for email server access like i mention on the config.

if i use nat command with "extendable" key word what is the differnt?

thank you

Chandimal.K

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to chandimal.karunarathne

‎02-10-2012 02:24 AM

Hi,

The extendable keyword is used when you have ambiguous translations like for example you are natting the same service on 2 different public IPs when doing dual ISPs for redundancy/failover.

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

Go to solution
chandimal.karunarathne
Level 1
Level 1
In response to cadet alain

‎02-12-2012 07:08 PM

Hi,

Thank you Alain, Is there any other problem with my configuration? I have change the configuration as you told but problem still same.  Still some web sites cant access via this ADSL router. Therefore can yu please check my configuration one by one , I really appreciate.

For example:

I have mention the my public ip address on interface Dialer0, is it ok?

“interface Dialer0

ip address 220.247.236.140 255.255.255.0”

also I have mention my public ip address on static nat, without putting “interface Dialer0” is is right?

“ ip nat inside source static 10.0.0.100 220.247.236.140”

Please if any one have some quality time, check my configuration and help me

Thank you,

Chandimal.K

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to chandimal.karunarathne

‎02-13-2012 01:23 AM

Hi,

I don't see any problem in your config and if you said you made the changes I proposed then it must another problem.

Can you  sniff the interface of the PC wile trying to browse the URLs which aren't working and post the capture file here

Can you also verify is NAT is working ok for these sites: debug ip nat along with sh ip nat trans

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

Go to solution
chandimal.karunarathne
Level 1
Level 1
In response to cadet alain

‎02-14-2012 07:11 PM

Hi Alain,

Thank you very much sir, your solution works. So its due to the mtu size problem. So agine thank you very much for your knowledge sharing.

Chandimal.K

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to chandimal.karunarathne

‎02-15-2012 01:36 AM

Hi,

Don't forget to rate helpful posts and to mark the thread as solved.

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card