cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

133
Views
5
Helpful
3
Replies
Beginner

NAT Question, should I include a 0.0.0.0 network in eigrp. Can't ping pass the router.

Hello, 

 

Should I include some sort of default path in EIGRP or something? 

 

Im able to ping inside my network, however when trying to ping an IP address outside of my network, one of my core switches is returning a "Destination host unreachable."

 

!
version 15.1
!
hostname Oslo-IntEdge
!
!
license udi pid CISCO2911/K9 sn FTX1524SQCT-
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
 ip address dhcp
 ip nat outside
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 no ip address
 ip nat inside
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.10
 encapsulation dot1Q 10
 ip address 172.16.2.155 255.255.255.224
 ip nat inside
!
interface GigabitEthernet0/1.20
 encapsulation dot1Q 20
 ip address 172.16.2.122 255.255.255.128
 ip nat inside
!
interface GigabitEthernet0/1.30
 encapsulation dot1Q 30
 ip address 172.16.2.186 255.255.255.224
 ip nat inside
!
interface GigabitEthernet0/1.40
 encapsulation dot1Q 40
 ip address 172.16.1.250 255.255.255.224
 ip nat inside
!
interface GigabitEthernet0/1.100
 encapsulation dot1Q 100
 ip address 172.16.2.194 255.255.255.248
 ip nat inside
!
interface GigabitEthernet0/2
 description DMZ
 ip address 172.16.36.30 255.255.255.224
 ip nat inside
 duplex auto
 speed auto
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 10
 network 172.16.0.0 0.0.3.255
 
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static 172.16.36.29 209.165.201.10 
ip nat inside source static tcp 172.16.36.28 80 209.209.201.11 80 
ip classless
!
ip flow-export version 9
!
!
access-list 1 permit 172.16.0.0 0.0.3.255
!


!
version 16.3.2
!
hostname Core2
!
ip routing
!
vtp domain HQ
vtp mode transparent
!
spanning-tree mode pvst
spanning-tree vlan 1,10,30 priority 0
spanning-tree vlan 20,40,100 priority 4096
!
vlan 10
 name MGTM
!
vlan 20
 name IT
!
vlan 30
 name EMPLOYEE
!
vlan 40
 name GUEST
!
vlan 99
 name BLACKHOLE
!
vlan 100
 name SERVER
!
interface Port-channel1
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree link-type point-to-point
!
interface GigabitEthernet1/0/1
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet1/0/2
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet1/0/22
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/23
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
 spanning-tree link-type point-to-point
!
interface GigabitEthernet1/0/24
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
 spanning-tree link-type point-to-point
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 mac-address 00e0.f94c.5801
 ip address 172.16.2.157 255.255.255.224
 standby 1 ip 172.16.2.158
!
interface Vlan20
 mac-address 00e0.f94c.5802
 ip address 172.16.2.124 255.255.255.128
 standby 1 ip 172.16.2.126
!
interface Vlan30
 mac-address 00e0.f94c.5803
 ip address 172.16.2.188 255.255.255.224
 standby 1 ip 172.16.2.190
!
interface Vlan40
 mac-address 00e0.f94c.5804
 ip address 172.16.1.252 255.255.254.0
 standby 1 ip 172.16.1.254
!
interface Vlan100
 mac-address 00e0.f94c.5805
 ip address 172.16.2.196 255.255.255.248
 standby 1 ip 172.16.2.198
!
router eigrp 10
 network 172.16.0.0 0.0.3.255
 no auto-summary
!
ip default-gateway 172.16.2.122
ip classless
!
ip flow-export version 9
!

!
version 16.3.2
!
hostname Core1
!
no ip cef
ip routing

!
vtp domain HQ
vtp mode transparent
!
spanning-tree mode pvst
spanning-tree vlan 20,40,100 priority 0
spanning-tree vlan 1,10,30 priority 4096

!
vlan 10
 name MGMT
!
vlan 20
 name IT
!
vlan 30
 name EMPLOYEE
!
vlan 40
 name GUEST
!
vlan 99
 name BLACKHOLE
!
vlan 100
 name SERVER
!
interface Port-channel1
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree link-type point-to-point
!
interface GigabitEthernet1/0/1
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/2
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/20
 switchport access vlan 100
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet1/0/23
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
 spanning-tree link-type point-to-point
!
interface GigabitEthernet1/0/24
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40,100
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
 spanning-tree link-type point-to-point
!
interface Vlan1
 no ip address
 standby 1 preempt
 shutdown
!
interface Vlan10
 mac-address 00d0.9736.ec01
 ip address 172.16.2.156 255.255.255.224
 standby 1 ip 172.16.2.158
 standby 1 priority 110
 standby 1 preempt
!
interface Vlan20
 mac-address 00d0.9736.ec02
 ip address 172.16.2.123 255.255.255.128
 standby 1 ip 172.16.2.126
 standby 1 priority 200
 standby 1 preempt
!
interface Vlan30
 mac-address 00d0.9736.ec03
 ip address 172.16.2.187 255.255.255.224
 standby 1 ip 172.16.2.190
 standby 1 priority 110
 standby 1 preempt
!
interface Vlan40
 mac-address 00d0.9736.ec04
 ip address 172.16.1.251 255.255.254.0
 standby 1 ip 172.16.1.254
 standby 1 priority 200
 standby 1 preempt
!
interface Vlan100
 mac-address 00d0.9736.ec05
 ip address 172.16.2.195 255.255.255.248
 standby 1 ip 172.16.2.198
 standby 1 priority 200
 standby 1 preempt
!
router eigrp 10
 network 172.16.0.0 0.0.3.255
 no auto-summary
!
ip default-gateway 172.16.2.122
ip classless
!
ip flow-export version 9
!

 

NAT.PNG

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Mentor

Re: NAT Question, should I include a 0.0.0.0 network in eigrp. Can't ping pass the router.

Hello,

 

the trunk between the Core switch and the edge router had a native Vlan mismatch. I have changed the native Vlan to 20 on both sides.

 

The 'ip default-gateway' is used only when the switch is in layer 2 mode. I have removed that and exchanged it with static default routes (in case EIGRP fails for one reason or another).

 

Attached the revised project file...

View solution in original post

3 REPLIES 3
Beginner

Re: NAT Question, should I include a 0.0.0.0 network in eigrp. Can't ping pass the router.

The Packet tracer file for the project

Highlighted
VIP Mentor

Re: NAT Question, should I include a 0.0.0.0 network in eigrp. Can't ping pass the router.

Hello,

 

the trunk between the Core switch and the edge router had a native Vlan mismatch. I have changed the native Vlan to 20 on both sides.

 

The 'ip default-gateway' is used only when the switch is in layer 2 mode. I have removed that and exchanged it with static default routes (in case EIGRP fails for one reason or another).

 

Attached the revised project file...

View solution in original post

Beginner

Re: NAT Question, should I include a 0.0.0.0 network in eigrp. Can't ping pass the router.

Haha your back, Georg you have done it again!

Once again thank you, for sorting out yet another problem!
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards