10-21-2023 12:05 PM
Hi,
10-21-2023 12:21 PM
Hello @Marco Bertagnolli,
What is your question ?
Your configuration seems to be correct.
10-21-2023 12:42 PM
10-21-2023 02:31 PM
There are several things in this config that puzzle me. First and most important why are there vlan subintefaces on Gig0/1 with private IP addresses. If Gig0/1 connects to the ISP router what are these subnets?
Also why are these static routes in the config?
ip route 10.10.10.0 255.255.255.0 192.168.100.253
ip route 10.10.20.0 255.255.255.0 192.168.100.253
ip route 10.10.30.0 255.255.255.0 192.168.100.253
ip route 10.10.40.0 255.255.255.0 192.168.100.253
Those subnets are directly connected subnets in the config and as such the static routes will be ignored.
Also why does access list 1 not have an entry for 10.10.40.0?
Also why does this subinterface have no configuration?
interface GigabitEthernet0/0.10
10-22-2023 02:03 AM
10-22-2023 04:11 PM
The ISP router does not need to know how to route to the 10.10.x.y networks. When you configure ip nat it translates those addresses and they would appear to be from the 192.168.1.253 address. The most important issue I see here is that you need to add ip nat inside to the vlan subinterfaces.
I am not clear why you are having issues communicating with the ISP router. To investigate this would you post the output of these commands on your router:
show ip interface brief
show arp
show ip route
10-23-2023 10:04 AM
I added the ip nat inside on all the gi0/0 sub interfaces, those are the outputs of the commands you asked
R1#show ip interface brief
Any interface listed with OK? value "NO" does not have a valid configuration
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES unset administratively down down
GigabitEthernet0/0 192.168.100.254 YES manual up up
GigabitEthernet0/0.10 10.10.10.254 YES manual up up
GigabitEthernet0/0.20 10.10.20.254 YES manual up up
GigabitEthernet0/0.30 10.10.30.254 YES manual up up
GigabitEthernet0/0.40 10.10.40.254 YES manual up up
GigabitEthernet0/1 192.168.1.253 YES manual up up
GigabitEthernet0/1.10 unassigned YES manual deleted down
GigabitEthernet0/1.20 unassigned YES manual deleted down
GigabitEthernet0/1.30 unassigned YES manual deleted down
GigabitEthernet0/1.40 unassigned YES manual deleted down
NVI0 unassigned NO unset up up
R1#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.10.10.1 3 7486.7ad6.d2b8 ARPA GigabitEthernet0/0.10
Internet 10.10.10.254 - fc99.4791.2860 ARPA GigabitEthernet0/0.10
Internet 10.10.20.254 - fc99.4791.2860 ARPA GigabitEthernet0/0.20
Internet 10.10.30.254 - fc99.4791.2860 ARPA GigabitEthernet0/0.30
Internet 10.10.40.254 - fc99.4791.2860 ARPA GigabitEthernet0/0.40
Internet 192.168.1.76 0 bcd0.744f.057c ARPA GigabitEthernet0/1
Internet 192.168.1.253 - fc99.4791.2861 ARPA GigabitEthernet0/1
Internet 192.168.1.254 0 086a.0a64.45d8 ARPA GigabitEthernet0/1
Internet 192.168.100.254 - fc99.4791.2860 ARPA GigabitEthernet0/0
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.1.254 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.1.254
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
C 10.10.10.0/24 is directly connected, GigabitEthernet0/0.10
L 10.10.10.254/32 is directly connected, GigabitEthernet0/0.10
C 10.10.20.0/24 is directly connected, GigabitEthernet0/0.20
L 10.10.20.254/32 is directly connected, GigabitEthernet0/0.20
C 10.10.30.0/24 is directly connected, GigabitEthernet0/0.30
L 10.10.30.254/32 is directly connected, GigabitEthernet0/0.30
C 10.10.40.0/24 is directly connected, GigabitEthernet0/0.40
L 10.10.40.254/32 is directly connected, GigabitEthernet0/0.40
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/1
L 192.168.1.253/32 is directly connected, GigabitEthernet0/1
192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.100.0/24 is directly connected, GigabitEthernet0/0
L 192.168.100.254/32 is directly connected, GigabitEthernet0/0
thank you very much for helping me!
Marco
10-24-2023 07:54 AM
Thank you for the requested outputs. Based on these it looks like your router should have connectivity with the ISP router. You tell us ", I still cannot connect from the ISP's network to the Cisco router one and the same from the network of the Cisco router to the ISP one". Is this SSH or telnet, or is it ping or traceroute, or is it some other type of connection?
10-24-2023 12:14 PM
I usualy try with ping but even ssh or http doesn't work at all
thank you for helping
Marco
10-24-2023 12:51 PM
In investigating this type of problem ping or traceroute are better than ssh or http (which are much more likely to have access controlled). Are you attempting ping from the router itself or from some device in your network? And better to test from the router than from some device in the network.
When you attempt ping and it does not work can you check and see if your router has generated any log messages?
10-23-2023 03:29 AM
Hello @Marco Bertagnolli ,
you need to add the
ip nat inside
under each subif of gi0/0 to trigger NAT operations
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide