10-14-2016 09:56 AM - edited 03-05-2019 07:16 AM
I just switched from a ISP that provided a router for Internet connection to one that uses a modem and now no networks can get out to the Internet. I tested the modem directly to a PC and it works perfect.
ISP Modem --> 2851 --> Switch ---> PC's etc
The modem is connected to port fa0/3/0
There are both static IP address on my servers and print servers, some workstations too. Other workstations and wifi get dhcp addresses.
The IPS is NOT a static IP address. Can someone please tell me what I am missing/doing wrong?
Thank You.
My router configuration:
ip source-route
!
!
ip cef
!
ip dhcp smart-relay
ip dhcp relay information option
ip dhcp excluded-address 192.168.69.1 192.168.69.240
ip dhcp excluded-address 10.110.0.1 10.110.0.20
ip dhcp excluded-address 192.168.125.1 192.168.125.9
ip dhcp excluded-address 192.168.200.1 192.168.200.99
ip dhcp excluded-address 192.168.200.102 192.168.200.109
ip dhcp excluded-address 192.168.200.112 192.168.200.219
ip dhcp excluded-address 192.168.26.1 192.168.26.99
!
ip dhcp pool Wiireless
network 192.168.200.0 255.255.255.0
default-router 192.168.200.1
domain-name thedurhamcorporation.com
dns-server 8.8.8.8
option 150 ip 10.110.0.1
lease 0 12
!
ip dhcp pool Users
network 192.168.69.0 255.255.255.0
default-router 192.168.69.1
domain-name thedurhamcorporation.com
dns-server 8.8.8.8
option 150 ip 10.110.0.1
lease 0 12
!
ip dhcp pool Voice
network 10.110.0.0 255.255.255.0
default-router 10.110.0.1
option 150 ip 10.110.0.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
lease 0 12
!
ip dhcp pool Reserved69
host 192.168.69.101 255.255.255.0
hardware-address 0800.091a.8987
default-router 192.168.69.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Hopper_Durham
host 192.168.200.100 255.255.255.0
client-identifier 000d.c5d1.dfb1
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Joey_Durham
host 192.168.200.101 255.255.255.0
client-identifier 000d.c5e1.62fb
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Hopper_Sommers
host 192.168.200.110 255.255.255.0
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Joey_Sommers
host 192.168.200.111 255.255.255.0
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool TempVMware
network 192.168.70.0 255.255.255.0
default-router 192.168.70.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool CUCM_Voice
network 192.168.27.0 255.255.255.0
default-router 192.168.27.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
option 150 ip 192.168.26.10
!
!
ip domain lookup source-interface GigabitEthernet0/0
ip domain name thecorporation.com
ip name-server 4.2.2.2
ip name-server 8.8.8.8
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
password encryption aes
!
!
voice-card 0
!
!
!
license udi pid CISCO2851 sn FTX15
dial-control-mib retain-timer 10080
dial-control-mib max-size 500
username mdurham privilege 15 password 7 052E021A343
!
redundancy
!
!
!
track 10 ip sla 1 reachability
delay down 1 up 1
!
track 20 ip sla 2 reachability
delay down 1 up 1
gw-accounting syslog
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
description "VMWare Server"
no ip address
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.26
encapsulation dot1Q 26
ip address 192.168.26.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.50
encapsulation dot1Q 50
ip address 192.168.50.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Service-Engine0/1
description "CUE-AIM Voicemail & Auto Attendant Module"
ip unnumbered GigabitEthernet0/1.110
ip nat inside
ip virtual-reassembly in
service-module ip address 10.110.0.2 255.255.255.0
service-module ip default-gateway 10.110.0.1
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 2
ip address 192.168.0.253 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.27
encapsulation dot1Q 27
ip address 192.168.27.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.69
description "Data Network"
encapsulation dot1Q 69 native
ip address 192.168.69.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.110
description "Voice Network"
encapsulation dot1Q 110
ip address 10.110.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.125
description "TV & Media Network"
encapsulation dot1Q 125
ip address 192.168.125.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.200
description "Wireless - Guest User Network"
encapsulation dot1Q 200
ip address 192.168.200.1 255.255.255.0
ip access-group 100 in
ip nat inside
ip virtual-reassembly in
!
interface FastEthernet0/3/0
description Internet Connection to TP Link & Verizon G4
ip address dhcp client-id FastEthernet0/3/0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet1/0
ip address 192.168.70.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
!
router eigrp 1577
network 10.110.0.0 0.0.0.255
network 192.168.0.0
network 192.168.26.0
network 192.168.27.0
network 192.168.50.0
network 192.168.69.0
network 192.168.125.0
network 192.168.200.0
network 192.168.254.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http path flash:/CME_GUI
!
!
ip nat inside source list 20 pool Internet overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/3/0 track 10
ip route 0.0.0.0 0.0.0.0 192.168.0.254 10 track 20
ip route 4.2.2.2 255.255.255.255 FastEthernet0/3/0
ip route 10.110.0.2 255.255.255.255 Service-Engine0/1
!
ip sla 1
icmp-echo 4.2.2.2 source-interface FastEthernet0/3/0
threshold 750
timeout 900
frequency 1
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 192.168.0.254 source-ip 192.168.0.253
threshold 750
timeout 900
frequency 1
ip sla schedule 2 life forever start-time now
logging esm config
logging history size 500
access-list 20 remark Networks Allowed onto the Internet
access-list 20 permit 192.168.0.0 0.0.255.255
access-list 20 permit 10.110.0.0 0.0.0.255
access-list 100 remark "Block access from the Guest network to everything except the printer & the Interent
access-list 100 permit ip any host 192.168.69.99
access-list 100 permit ip any 192.168.200.0 0.0.0.7
access-list 100 deny ip any 192.168.0.0 0.0.255.255
access-list 100 permit ip any any
10-14-2016 10:19 AM
Does the router get an IP address? Are you able to ping out? I also don't see the NAT pool "Internet" defined in the configuration that you are using to do NAT overload.
10-14-2016 12:47 PM
Yes, the router gets an IP address from the ISP, it is not a public IP.
I am not much on setting up NAT, I looked up some examples on the net but they may be missing some commands. That may be the area that I need some help with.
10-14-2016 01:05 PM
OK in that case you don't need a NAT pool, you can simply overload on the interface.
no ip nat inside source list 20 pool Internet overload
ip nat inside source list 20 interface fastethernet0/3/0 overload
How many Internet connections do you currently have? You have "ip nat outside" on a single interface so I am thinking your tracking configuration is not required and can be removed.
10-14-2016 02:38 PM
My topology is more than shown. I do need the SLA/TRAC as I use my neighbor's Internet should mine go down and vice versa. Both of us use Verizon 4G to our networks. His end is working perfectly.
10-14-2016 03:35 PM
I made those changes but still no luck.
TDC_CME_Router(config)#do sh trac
Track 10
IP SLA 1 reachability
Reachability is Down
629 changes, last change 07:45:20
Delay up 1 sec, down 1 sec
Latest operation return code: Timeout
Tracked by:
STATIC-IP-ROUTING 0
Track 20
IP SLA 2 reachability
Reachability is Up
16 changes, last change 4d06h
Delay up 1 sec, down 1 sec
Latest operation return code: OK
Latest RTT (millisecs) 1
Tracked by:
STATIC-IP-ROUTING 0
TDC_CME_Router(config)#do ping 4.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
TDC_CME_Router(config)#do ping 4.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
..U..
10-14-2016 05:21 PM
Well it would seem that you should be able to browse through the other link considering that the tracked object is down and Internet traffic will be routed to 192.168.0.254 so you might want to check to ensure that the other end is performing NAT your subnets.
Do a show dhcp lease to determine the default gateway and ensure that you have reach-ability to the gateway and a show ip int bri and show ip route. You might also want to change the static route to point to the next hop rather than the interface.
no ip route 0.0.0.0 0.0.0.0 FastEthernet0/3/0 track 10
ip route 0.0.0.0 0.0.0.0 dhcp track 10
no ip route 4.2.2.2 255.255.255.255 FastEthernet0/3/0
ip route 4.2.2.2 255.255.255.255 dhcp
10-15-2016 01:06 PM
I made some changes to the configuration above as per what I found on Cisco's web site for NAT. But it still does not work.
I do get an IP address from the modem. 100.76.157.54 (Verizon's private IP address). I was told to enter the command ip route 0.0.0.0 0.0.0.0 dhcp, this did give me a route in the routing table of 0.0.0.0 0.0.0.0 100.76.157.53 but nothing pings out. I can ping 100.76.157.54 but not 100.76.157.53.
The static route 4.2.2.2 255.255.255.255 fa0/3/0 is I can test the fa0/3/0 connection while still having Internet via my backup source. Once fa0/3/0 is working , this will be removed.
I have two sources for accessing the Internet, fa0/3/0 and gi0/1.2 which is my neighbor's Internet connection. This is why I need SLA and TRAC working. BUT, I need to get off his Internet and onto mind via fa0/3/0. BTW, I am his backup Internet should his go down.
Here is the latest config and some diag results:
! Last configuration change at 12:25:24 DST Fri Oct 14 2016 by mdurham
version 15.1
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime year
service password-encryption
service sequence-numbers
!
hostname TDC_CME_Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 10000000
enable secret 5 $1$0AMTNh1
!
no aaa new-model
!
clock timezone Eastern -5 0
clock summer-time DST recurring
!
dot11 syslog
ip source-route
!
!
ip cef
!
ip dhcp smart-relay
ip dhcp relay information option
ip dhcp excluded-address 192.168.69.1 192.168.69.240
ip dhcp excluded-address 10.110.0.1 10.110.0.20
ip dhcp excluded-address 192.168.125.1 192.168.125.9
ip dhcp excluded-address 192.168.200.1 192.168.200.99
ip dhcp excluded-address 192.168.200.102 192.168.200.109
ip dhcp excluded-address 192.168.200.112 192.168.200.219
ip dhcp excluded-address 192.168.26.1 192.168.26.99
!
ip dhcp pool Wiireless
network 192.168.200.0 255.255.255.0
default-router 192.168.200.1
domain-name thedurhamcorporation.com
dns-server 8.8.8.8
option 150 ip 10.110.0.1
lease 0 12
!
ip dhcp pool Users
network 192.168.69.0 255.255.255.0
default-router 192.168.69.1
domain-name thedurhamcorporation.com
dns-server 8.8.8.8
option 150 ip 10.110.0.1
lease 0 12
!
ip dhcp pool Voice
network 10.110.0.0 255.255.255.0
default-router 10.110.0.1
option 150 ip 10.110.0.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
lease 0 12
!
ip dhcp pool Reserved69
host 192.168.69.101 255.255.255.0
hardware-address 0800.091a.8987
default-router 192.168.69.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Hopper_Durham
host 192.168.200.100 255.255.255.0
client-identifier 000d.c5d1.dfb1
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Joey_Durham
host 192.168.200.101 255.255.255.0
client-identifier 000d.c5e1.62fb
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Hopper_Sommers
host 192.168.200.110 255.255.255.0
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool Joey_Sommers
host 192.168.200.111 255.255.255.0
default-router 192.168.200.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool TempVMware
network 192.168.70.0 255.255.255.0
default-router 192.168.70.1
dns-server 8.8.8.8
domain-name thedurhamcorporation.com
!
ip dhcp pool CUCM_Voice
network 192.168.27.0 255.255.255.0
default-router 192.168.27.1
dns-server 8.8.8.8
domain-name thecorporation.com
option 150 ip 192.168.26.10
!
!
ip domain lookup source-interface GigabitEthernet0/0
ip domain name thecorporation.com
ip name-server 4.2.2.2
ip name-server 8.8.8.8
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
password encryption aes
!
!
voice-card 0
!
!
!
license udi pid CISCO2851 sn FTX1517
dial-control-mib retain-timer 10080
dial-control-mib max-size 500
username mdurham privilege 15 password 7 0520B5343
!
redundancy
!
!
!
track 10 ip sla 1 reachability
delay down 1 up 1
!
track 20 ip sla 2 reachability
delay down 1 up 1
gw-accounting syslog
!
!
!
interface GigabitEthernet0/0
description "VMWare Server"
no ip address
ip nat inside
ip virtual-reassembly in
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0/0.26
encapsulation dot1Q 26
ip address 192.168.26.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface GigabitEthernet0/0.50
encapsulation dot1Q 50
ip address 192.168.50.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface Service-Engine0/1
description "CUE-AIM Voicemail & Auto Attendant Module"
ip unnumbered GigabitEthernet0/1.110
ip nat inside
ip virtual-reassembly in
no ip route-cache
service-module ip address 10.110.0.2 255.255.255.0
service-module ip default-gateway 10.110.0.1
!
interface GigabitEthernet0/1
no ip address
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 2
ip address 192.168.0.253 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface GigabitEthernet0/1.27
encapsulation dot1Q 27
ip address 192.168.27.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface GigabitEthernet0/1.69
description "Data Network"
encapsulation dot1Q 69 native
ip address 192.168.69.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface GigabitEthernet0/1.110
description "Voice Network"
encapsulation dot1Q 110
ip address 10.110.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface GigabitEthernet0/1.125
description "TV & Media Network"
encapsulation dot1Q 125
ip address 192.168.125.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface GigabitEthernet0/1.200
description "Wireless - Guest User Network"
encapsulation dot1Q 200
ip address 192.168.200.1 255.255.255.0
ip access-group 100 in
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface FastEthernet0/3/0
description Internet Connection to TP Link & Verizon G4
ip address dhcp client-id FastEthernet0/3/0
ip nat outside
ip nat enable
ip virtual-reassembly in
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet1/0
ip address 192.168.70.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
!
router eigrp 1577
network 10.110.0.0 0.0.0.255
network 192.168.0.0
network 192.168.26.0
network 192.168.27.0
network 192.168.50.0
network 192.168.69.0
network 192.168.125.0
network 192.168.200.0
network 192.168.254.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http path flash:/CME_GUI
!
!
ip nat inside source list 20 interface FastEthernet0/3/0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/3/0 track 10
ip route 0.0.0.0 0.0.0.0 192.168.0.254 10 track 20
ip route 4.2.2.2 255.255.255.255 FastEthernet0/3/0
ip route 10.110.0.2 255.255.255.255 Service-Engine0/1
ip route 0.0.0.0 0.0.0.0 dhcp
!
ip sla 1
icmp-echo 4.2.2.2 source-interface FastEthernet0/3/0
threshold 750
timeout 900
frequency 1
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 192.168.0.254 source-ip 192.168.0.253
threshold 750
timeout 900
frequency 1
ip sla schedule 2 life forever start-time now
logging esm config
logging history size 500
access-list 20 remark Networks Allowed onto the Internet
access-list 20 permit 10.110.0.0 0.0.0.255
access-list 20 permit 192.168.0.0 0.0.0.255
access-list 20 permit 192.168.26.0 0.0.0.255
access-list 20 permit 192.168.27.0 0.0.0.255
access-list 20 permit 192.168.50.0 0.0.0.255
access-list 20 permit 192.168.69.0 0.0.0.255
access-list 20 permit 192.168.125.0 0.0.0.255
access-list 20 permit 192.168.200.0 0.0.0.255
access-list 100 remark "Block access from the Guest network to everything except the printer & the Interent
access-list 100 permit ip any host 192.168.69.99
access-list 100 permit ip any 192.168.200.0 0.0.0.7
access-list 100 deny ip any 192.168.0.0 0.0.255.255
access-list 100 permit ip any any
!
!
!
!
!
TDC_CME_Router(config)#do sh ip int bri
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES NVRAM up up
GigabitEthernet0/0.26 192.168.26.1 YES NVRAM up up
GigabitEthernet0/0.50 192.168.50.1 YES NVRAM up up
Service-Engine0/1 10.110.0.1 YES unset up up
GigabitEthernet0/1 unassigned YES NVRAM up up
GigabitEthernet0/1.2 192.168.0.253 YES NVRAM up up
GigabitEthernet0/1.27 192.168.27.1 YES NVRAM up up
GigabitEthernet0/1.69 192.168.69.1 YES NVRAM up up
GigabitEthernet0/1.110 10.110.0.1 YES NVRAM up up
GigabitEthernet0/1.125 192.168.125.1 YES NVRAM up up
GigabitEthernet0/1.200 192.168.200.1 YES NVRAM up up
FastEthernet0/3/0 100.76.157.54 YES DHCP up up
GigabitEthernet1/0 192.168.70.1 YES manual up up
NVI0 100.76.157.54 YES unset administratively down down
TDC_CME_Router(config)#do sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 100.76.157.53 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 100.76.157.53
4.0.0.0/32 is subnetted, 1 subnets
S 4.2.2.2 is directly connected, FastEthernet0/3/0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.110.0.0/24 is directly connected, GigabitEthernet0/1.110
L 10.110.0.1/32 is directly connected, GigabitEthernet0/1.110
S 10.110.0.2/32 is directly connected, Service-Engine0/1
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 100.76.157.52/30 is directly connected, FastEthernet0/3/0
L 100.76.157.54/32 is directly connected, FastEthernet0/3/0
192.168.0.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.0.0/24 is directly connected, GigabitEthernet0/1.2
L 192.168.0.253/32 is directly connected, GigabitEthernet0/1.2
192.168.10.0/32 is subnetted, 1 subnets
S 192.168.10.1 [254/0] via 100.76.157.53, FastEthernet0/3/0
192.168.26.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.26.0/24 is directly connected, GigabitEthernet0/0.26
L 192.168.26.1/32 is directly connected, GigabitEthernet0/0.26
192.168.27.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.27.0/24 is directly connected, GigabitEthernet0/1.27
L 192.168.27.1/32 is directly connected, GigabitEthernet0/1.27
192.168.50.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.50.0/24 is directly connected, GigabitEthernet0/0.50
L 192.168.50.1/32 is directly connected, GigabitEthernet0/0.50
192.168.69.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.69.0/24 is directly connected, GigabitEthernet0/1.69
L 192.168.69.1/32 is directly connected, GigabitEthernet0/1.69
192.168.70.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.70.0/24 is directly connected, GigabitEthernet1/0
L 192.168.70.1/32 is directly connected, GigabitEthernet1/0
192.168.125.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.125.0/24 is directly connected, GigabitEthernet0/1.125
L 192.168.125.1/32 is directly connected, GigabitEthernet0/1.125
192.168.200.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.200.0/24 is directly connected, GigabitEthernet0/1.200
L 192.168.200.1/32 is directly connected, GigabitEthernet0/1.200
TDC_CME_Router(config)#do sh ip int br
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES NVRAM up up
GigabitEthernet0/0.26 192.168.26.1 YES NVRAM up up
GigabitEthernet0/0.50 192.168.50.1 YES NVRAM up up
Service-Engine0/1 10.110.0.1 YES unset up up
GigabitEthernet0/1 unassigned YES NVRAM up up
GigabitEthernet0/1.2 192.168.0.253 YES NVRAM up up
GigabitEthernet0/1.27 192.168.27.1 YES NVRAM up up
GigabitEthernet0/1.69 192.168.69.1 YES NVRAM up up
GigabitEthernet0/1.110 10.110.0.1 YES NVRAM up up
GigabitEthernet0/1.125 192.168.125.1 YES NVRAM up up
GigabitEthernet0/1.200 192.168.200.1 YES NVRAM up up
FastEthernet0/3/0 100.76.157.54 YES DHCP up up
GigabitEthernet1/0 192.168.70.1 YES manual up up
NVI0 100.76.157.54 YES unset administratively down down
TDC_CME_Router(config)#do ping 8.8.8.8 source 192.168.69.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 192.168.69.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/62/76 ms
TDC_CME_Router(config)#do ping 8.8.8.8 source 192.168.200.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 192.168.200.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/50/64 ms
TDC_CME_Router(config)#do ping 8.8.8.8 source 100.76.157.54
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 100.76.157.54
.....
Success rate is 0 percent (0/5)
TDC_CME_Router#sh ip int fa0/3/0
FastEthernet0/3/0 is up, line protocol is up
Internet address is 100.76.157.54/30
Broadcast address is 255.255.255.255
Address determined by DHCP
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is disabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is disabled
IP Null turbo vector
IP multicast fast switching is disabled
IP multicast distributed fast switching is disabled
IP route-cache flags are No CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is enabled, interface in domain outside
BGP Policy Mapping is disabled
Input features: Stateful Inspection, Virtual Fragment Reassembly, Virtual Fragment Reassembly After IPSec Decryption, NAT Outside, MCI Check
Output features: Post-routing NAT NVI Output, Post-routing NAT Outside, Stateful Inspection, NAT ALG proxy
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
TDC_CME_Router#sh ip nat statistics
Total active translations: 515 (0 static, 515 dynamic; 515 extended)
Peak translations: 515, occurred 00:00:00 ago
Outside interfaces:
FastEthernet0/3/0
Inside interfaces:
GigabitEthernet0/0, GigabitEthernet0/0.26, GigabitEthernet0/0.50
Service-Engine0/1, GigabitEthernet0/1.2, GigabitEthernet0/1.27
GigabitEthernet0/1.69, GigabitEthernet0/1.110, GigabitEthernet0/1.125
GigabitEthernet0/1.200, GigabitEthernet1/0
Hits: 20060 Misses: 0
CEF Translated packets: 4855, CEF Punted packets: 7858
Expired translations: 6934
Dynamic mappings:
-- Inside Source
[Id: 3] access-list 20 interface FastEthernet0/3/0 refcount 515
Total doors: 0
Appl doors: 0
Normal doors: 0
Queued Packets: 0
TDC_CME_Router#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
udp 100.76.157.54:51425 192.168.50.50:51425 8.8.8.8:53 8.8.8.8:53
udp 100.76.157.54:56490 192.168.50.50:56490 4.2.2.2:53 4.2.2.2:53
udp 100.76.157.54:54520 192.168.50.100:54520 4.2.2.2:53 4.2.2.2:53
udp 100.76.157.54:54520 192.168.50.100:54520 8.8.8.8:53 8.8.8.8:53
udp 100.76.157.54:54685 192.168.50.100:54685 128.8.10.90:53 128.8.10.90:53
udp 100.76.157.54:55025 192.168.50.100:55025 193.0.14.129:53 193.0.14.129:53
udp 100.76.157.54:55115 192.168.50.100:55115 4.2.2.2:53 4.2.2.2:53
udp 100.76.157.54:55115 192.168.50.100:55115 8.8.8.8:53 8.8.8.8:53
udp 100.76.157.54:56221 192.168.50.100:56221 192.36.148.17:53 192.36.148.17:53
udp 100.76.157.54:56272 192.168.50.100:56272 4.2.2.2:53 4.2.2.2:53
udp 100.76.157.54:56272 192.168.50.100:56272 8.8.8.8:53 8.8.8.8:53
icmp 100.76.157.54:20313 192.168.69.3:20313 4.2.2.2:20313 4.2.2.2:20313
udp 100.76.157.54:41639 192.168.69.69:41639 8.8.8.8:53 8.8.8.8:53
TDC_CME_Router#sh ip nat nvi translations
Pro Source global Source local Destin local Destin global
TDC_CME_Router#sh ip nat nvi statistics
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
NAT Enabled interfaces:
FastEthernet0/3/0
Hits: 0 Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide