01-24-2014 12:47 PM - edited 03-04-2019 10:09 PM
I have a Cisco 2901 Router with an add-on Gigabit interface card
What I am attempting to do is take the existing network of 206.22.4.0 /25 and add a new 10.69.0.0 /22 network, while also connecting to our already existing guest cable network to allow for a fail-over if our main fiber line goes down. I have EIGRP configured and all routes are installed and I can ping Locally and outside on the router console interface. However when I connect a host to the 10.69.0.0 /22 network with all correct network settings using 8.8.8.8 and 8.8.4.4 for dns, and I am unable to configure out just local LAN addresses. After TRACERTing I have it narrowed it down to NAT not being setup correctly. The guest network is connected (coming from the modem to the 2901) to A TWC cable modem(Gateway address being 192.168.0.1). The TWC cable modem is connected to the WAN port (192.168.2.1) of an E1500 running DD-WRT (For a VPN which is required to reach an offsite asset if our Fiber already containing a VPN goes down.) From the E1500 coming out of a LAN port on the E1500 connected via Ethernet to the GigabitEthernet 0/0 of the 2901. I am able to ping the Gateway of the E1500 and the gateway of the 206.22.4.0 /25 network from the console interface of the 2901. I am able to ping LAN addresses on 206.22.4.0 /25 network from a 10.69.0.0 /22 network but not E1500 gateway (192.168.2.1) I will post my running config. I
appreciate all advice and help. Thank you.
Current configuration : 1751 bytes
!
! Last configuration change at 19:53:17 UTC Fri Jan 24 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Maple
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
!
!
!
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2901/K9 sn FTX1751866E
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 192.168.2.145 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 10.69.0.1 255.255.252.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
ip address 206.22.4.24 255.255.255.128
duplex auto
speed 100
!
!
router eigrp 48
network 10.69.0.0 0.0.3.255
network 192.168.2.0
network 206.22.4.0 0.0.0.127
!
!
router eigrp 100
network 10.69.0.0 0.0.3.255
network 192.168.2.0
network 206.22.4.0 0.0.0.127
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 192.168.2.1
ip route 0.0.0.0 0.0.0.0 206.22.4.126
ip route 192.168.0.0 255.255.255.0 192.168.2.1
!
!
!
!
control-plane
!
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
logging synchronous
line 2
logging synchronous
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input all
line vty 5 1114
exec-timeout 0 0
password cisco
logging synchronous
login
transport input all
!
scheduler allocate 20000 1000
!
end
Solved! Go to Solution.
01-25-2014 02:10 AM
Hi,
I see you have 2 default routes but only one outgoing interface has NAT enabled and also you are missing the NAT statements.
Try this configuration and tell us if it solved your connectivity problem.
If problem not solved then post a diagram of your topology please.
int g0/0/0
ip nat outside
access-list 1 permit 10.69.0.0 0.0.3.255
route-map NAT1
match ip address 1
match interface g0/0
route-map NAT2
match ip address 1
match interface g0/0/0
ip nat inside source route-map NAT1 interface g0/0
ip nat inside source route-map NAT2 interface g0/0/0
Regards
Alain
Don't forget to rate helpful posts.
01-25-2014 02:10 AM
Hi,
I see you have 2 default routes but only one outgoing interface has NAT enabled and also you are missing the NAT statements.
Try this configuration and tell us if it solved your connectivity problem.
If problem not solved then post a diagram of your topology please.
int g0/0/0
ip nat outside
access-list 1 permit 10.69.0.0 0.0.3.255
route-map NAT1
match ip address 1
match interface g0/0
route-map NAT2
match ip address 1
match interface g0/0/0
ip nat inside source route-map NAT1 interface g0/0
ip nat inside source route-map NAT2 interface g0/0/0
Regards
Alain
Don't forget to rate helpful posts.
01-27-2014 09:14 AM
Thank you so much, I was just brain locked after staring at it for about 5 days. I am actually writing this reply from the network.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide