Solved: ISP like network. Cannot connect between routers

christoffer92 · ‎12-04-2022

Hello! I'm having trouble pinging the inside of routers and connecting to the web server. I can ping the loopback address 20.0.0.1 from all the devices.

When I run in simulation mode and ping 192.168.1.1 from Server0, the packet reaches the server, but is rejected at Router4 on the way back to Server0.

I can ping 10.0.0.1 10.0.0.2 and 10.0.0.3 from all devices

These are the configs

Router 2:

interface Loopback0

ip address 20.0.0.1 255.255.255.255

!

interface GigabitEthernet0/0

ip address 10.0.0.1 255.255.255.0

ip nat outside

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0

!

ip flow-export version 9

!

!

access-list 1 permit 10.0.0.0 0.0.0.255

Router 3:

interface GigabitEthernet0/0

ip address 10.0.0.2 255.255.255.0

ip nat outside

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.1.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.1

!

ip flow-export version 9

!

!

access-list 1 permit 192.168.1.0 0.0.0.255




router 4:

interface GigabitEthernet0/0

ip address 10.0.0.3 255.255.255.0

ip nat outside

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.2.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source list NAT interface GigabitEthernet0/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.1

!

ip flow-export version 9

!

!

ip access-list standard NAT

permit 192.168.1.0 0.0.0.255

permit 192.168.2.0 0.0.0.255

Thanks!

MHM Cisco World · ‎12-10-2022

and for routing,
the router in internet know only Public IP, the private IP is hide behind router.

Now how user in network-A connect to server in network-B in internet ?
the user connect public IP of router server hide behind.

but how we connect public IP of router and router forward that to Server ?
the answer is NAT

here in your network we assume the public IP is 10.0.0.0 and private is 192.168.x.0
the user in any network must ping the public IP of router server behind it.

but again who we config NAT ?
we config here static NAT not overload NAT.

ip nat inside souce static <server IP > <public IP or interface>

and that it.

so NAT solve
1- routing in internet
2- security
3- ipv4 address depletion

View solution in original post

MHM Cisco World · ‎12-10-2022

ip nat inside souce static udp/tcp <server IP ><port> <public IP or interface><port>

View solution in original post

balaji.bandi · ‎12-04-2022

ip access-list standard NAT

permit 192.168.1.0 0.0.0.255   <-- why this IP address space in router 4 ? (you need to remove this)

permit 192.168.2.0 0.0.0.255

what is the Server IP ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

christoffer92 · ‎12-05-2022

@balaji.bandi The server ip is 192.168.2.10. I thought there was a NAT error so i just added it to try.

balaji.bandi · ‎12-05-2022

so if the Server ip 192.168.2.10 and you try to reach behind R2 inside network 192.168.1.1 - it will not work with your config.

you need to have ACL/NAT for incoming packets, which you do not have in the config (as per the post)

some example for reference :

https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/8605-13.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

christoffer92 · ‎12-10-2022

@balaji.bandi Thanks for the link! Unfortunately I could not solve my issue with that. Possible for you to elaborate on your answer?

Thanks!

paul driver · ‎12-04-2022

Hello
The topology and configuration doesn’t look correct, rtr 3/4 have a default route pointing to 10.1.1.1 ( r2) and then rtr 2 has a default route pointing to its one and only interface which connects to both rtr3/4 on the same /24 subnet and then all 3 rtrs are performing NAT for that same subnet?

Can you elaborate on what your are you trying to achieve please?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

christoffer92 · ‎12-05-2022

@paul driver Router 2 is supposed to be the ISP router to provide internet access at 20.0.0.1 which works. R3 and 4 are the clients. PC0 should be able to access Server0 but R4 stops the packet

MHM Cisco World · ‎12-10-2022

I will ask you one Q, why we use NAT in Network ??

christoffer92 · ‎12-10-2022

To translate private addresses to a single external address on clients

MHM Cisco World · ‎12-10-2022

but why ? why we need to hide the private address ?

I am here want to solve issue and help you to understand how network work.

christoffer92 · ‎12-10-2022

because of ivp4 address depletion

MHM Cisco World · ‎12-10-2022

and for routing,
the router in internet know only Public IP, the private IP is hide behind router.

Now how user in network-A connect to server in network-B in internet ?
the user connect public IP of router server hide behind.

but how we connect public IP of router and router forward that to Server ?
the answer is NAT

here in your network we assume the public IP is 10.0.0.0 and private is 192.168.x.0
the user in any network must ping the public IP of router server behind it.

but again who we config NAT ?
we config here static NAT not overload NAT.

ip nat inside souce static <server IP > <public IP or interface>

and that it.

so NAT solve
1- routing in internet
2- security
3- ipv4 address depletion

christoffer92 · ‎12-10-2022

Thanks! That worked! Now I just need to figure out how to port forward to the webbserver, Server0

MHM Cisco World · ‎12-10-2022

ip nat inside souce static udp/tcp <server IP ><port> <public IP or interface><port>

christoffer92 · ‎12-10-2022

Wow that really helped me allot. I did a lot of googling but you reallt saved me!