Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2469
Views
25
Helpful
15
Replies

ISP like network. Cannot connect between routers

Go to solution
christoffer92
Level 1
Level 1

‎12-04-2022 12:39 PM - last edited on ‎12-14-2022 10:53 PM by Community Manager

Hello! I'm having trouble pinging the inside of routers and connecting to the web server. I can ping the loopback address 20.0.0.1 from all the devices.

When I run in simulation mode and ping 192.168.1.1 from Server0, the packet reaches the server, but is rejected at Router4 on the way back to Server0.

I can ping 10.0.0.1 10.0.0.2 and 10.0.0.3 from all devices

These are the configs

Router 2:

 

interface Loopback0

ip address 20.0.0.1 255.255.255.255

!

interface GigabitEthernet0/0

ip address 10.0.0.1 255.255.255.0

ip nat outside

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0

!

ip flow-export version 9

!

!

access-list 1 permit 10.0.0.0 0.0.0.255

Router 3:

interface GigabitEthernet0/0

ip address 10.0.0.2 255.255.255.0

ip nat outside

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.1.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.1

!

ip flow-export version 9

!

!

access-list 1 permit 192.168.1.0 0.0.0.255




router 4:

interface GigabitEthernet0/0

ip address 10.0.0.3 255.255.255.0

ip nat outside

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.2.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source list NAT interface GigabitEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.1

!

ip flow-export version 9

!

!

ip access-list standard NAT

permit 192.168.1.0 0.0.0.255

permit 192.168.2.0 0.0.0.255


Thanks!

Labels:
Preview file
162 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP
In response to christoffer92

‎12-10-2022 03:54 AM - last edited on ‎12-14-2022 11:29 PM by Community Manager

and for routing, 
the router in internet know only Public IP, the private IP is hide behind router. 

Now how user in network-A connect to server in network-B in internet ? 
the user connect public IP of router server hide behind. 

but how we connect public IP of router and router forward that to Server ?
the answer is NAT 

here in your network we assume the public IP is 10.0.0.0 and private is 192.168.x.0 
the user in any network must ping the public IP of router server behind it. 

but again who we config NAT ?
we config here static NAT not overload NAT. 

ip nat inside souce static <server IP > <public IP or interface>



and that it. 

so NAT solve 
1- routing in internet 
2- security 
3- ipv4 address depletion

View solution in original post

Go to solution
MHM Cisco World
VIP
VIP
In response to christoffer92

‎12-10-2022 05:44 AM - last edited on ‎12-14-2022 11:41 PM by Community Manager

ip nat inside souce static udp/tcp <server IP ><port> <public IP or interface><port>

 

View solution in original post

15 Replies 15

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎12-04-2022 02:21 PM - last edited on ‎12-14-2022 10:54 PM by Community Manager

 

ip access-list standard NAT

permit 192.168.1.0 0.0.0.255   <-- why this IP address space in router 4 ? (you need to remove this)

permit 192.168.2.0 0.0.0.255

what is the Server IP ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
christoffer92
Level 1
Level 1
In response to balaji.bandi

‎12-05-2022 01:40 AM

@balaji.bandi The server ip is 192.168.2.10. I thought there was a NAT error so i just added it to try.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to christoffer92

‎12-05-2022 02:05 AM

so if the Server ip 192.168.2.10 and you try to reach behind R2 inside network 192.168.1.1 - it will not work with your config.

you need to have ACL/NAT for incoming packets, which you do not have in the config (as per the post)

some example for reference :

https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/8605-13.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
christoffer92
Level 1
Level 1
In response to balaji.bandi

‎12-10-2022 02:29 AM

@balaji.bandi Thanks for the link! Unfortunately I could not solve my issue with that. Possible for you to elaborate on your answer?

Thanks!

0 Helpful

Go to solution
paul driver
VIP
VIP

‎12-04-2022 03:09 PM

Hello
The topology and configuration doesn’t look correct, rtr 3/4 have a default route pointing to 10.1.1.1 ( r2) and then rtr 2 has a default route pointing to its one and only interface which connects to both rtr3/4 on the same /24 subnet and then all 3 rtrs are performing NAT for that same subnet?

Can you elaborate on what your are you trying to achieve please?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
christoffer92
Level 1
Level 1
In response to paul driver

‎12-05-2022 01:48 AM

@paul driver Router 2 is supposed to be the ISP router to provide internet access at 20.0.0.1 which works. R3 and 4 are the clients. PC0 should be able to access Server0 but R4 stops the packet

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎12-10-2022 03:13 AM

I will ask you one Q, why we use NAT in Network ??

0 Helpful

Go to solution
christoffer92
Level 1
Level 1
In response to MHM Cisco World

‎12-10-2022 03:19 AM

To translate private addresses to a single external address on clients

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to christoffer92

‎12-10-2022 03:31 AM

but why ? why we need to hide the private address ?

I am here want to solve issue and help you to understand how network work. 

0 Helpful

Go to solution
christoffer92
Level 1
Level 1
In response to MHM Cisco World

‎12-10-2022 03:37 AM

because of ivp4 address depletion

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to christoffer92

‎12-10-2022 03:54 AM - last edited on ‎12-14-2022 11:29 PM by Community Manager

and for routing, 
the router in internet know only Public IP, the private IP is hide behind router. 

Now how user in network-A connect to server in network-B in internet ? 
the user connect public IP of router server hide behind. 

but how we connect public IP of router and router forward that to Server ?
the answer is NAT 

here in your network we assume the public IP is 10.0.0.0 and private is 192.168.x.0 
the user in any network must ping the public IP of router server behind it. 

but again who we config NAT ?
we config here static NAT not overload NAT. 

ip nat inside souce static <server IP > <public IP or interface>



and that it. 

so NAT solve 
1- routing in internet 
2- security 
3- ipv4 address depletion

Go to solution
christoffer92
Level 1
Level 1
In response to MHM Cisco World

‎12-10-2022 05:43 AM

Thanks! That worked! Now I just need to figure out how to port forward to the webbserver, Server0

Go to solution
MHM Cisco World
VIP
VIP
In response to christoffer92

‎12-10-2022 05:44 AM - last edited on ‎12-14-2022 11:41 PM by Community Manager

ip nat inside souce static udp/tcp <server IP ><port> <public IP or interface><port>

 

Go to solution
christoffer92
Level 1
Level 1
In response to MHM Cisco World

‎12-10-2022 07:43 AM

Wow that really helped me allot. I did a lot of googling but you reallt saved me!

0 Helpful
Customers Also Viewed These Support Documents