10-20-2014 01:40 AM - edited 03-05-2019 12:00 AM
hi,
i've a cisco 1800 with .248 pool public ip .The router is connected with dce on serial port to my isp and
is configured with first public ip of my subnet on fe0/0 .
I've to serve to vlan (1 and 20) with this router so i 've connected the router fe0/0 to switch trunk port
and created a subinterface fe0/0.20 with dot1q encryption and ip 192.168.40.1. I also created a dhcp pool for vlan20 interface.
Now i can go to internet trought fe/0.0 . configured vlan 20 device receive 192.168.40.0/24 ip so dhcp pool work.
vlan 20 device can ping 192.168.40.1 and 82.85.162.1 (fe0/0.20 and fe0/0) but not want to go to internet.
show ip nat traslation is empty.
this is my show ip route:
Gateway of last resort is 213.205.53.77 to network 0.0.0.0
217.133.64.0/32 is subnetted, 1 subnets
C 217.133.64.49 is directly connected, Virtual-Access1
C 192.168.40.0/24 is directly connected, FastEthernet0/0.20
82.0.0.0/26 is subnetted, 1 subnets
C 82.85.162.0 is directly connected, FastEthernet0/0
213.205.53.0/32 is subnetted, 1 subnets
C 213.205.53.77 is directly connected, Virtual-Access1
S* 0.0.0.0/0 [1/0] via 213.205.53.77
this is my configuration:
Current configuration : 2586 bytes
!
version 12.4
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname ##############
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 64000
no logging console
enable secret 5 ####################
!
aaa new-model
!
!
!
!
aaa session-id common
clock timezone GMT+1 1
clock summer-time GMT+2 recurring
no ip source-route
!
!
ip dhcp excluded-address 82.85.162.1
ip dhcp excluded-address 192.168.40.1
!
ip dhcp pool LAN_Roma_Eletronica
network 82.85.162.0 255.255.255.192
default-router 82.85.162.1
dns-server 213.205.36.70 213.205.32.70
lease 0 0 15
ip dhcp pool vlan20
network 192.168.40.0 255.255.255.0
default-router 192.168.40.1
dns-server 8.8.8.8 8.8.4.4
lease 0 0 15
!
!
ip cef
no ip domain lookup
ip name-server 213.205.32.70
ip name-server 213.205.36.70
multilink bundle-name authenticated
!
!
username ######### password 7 #########
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0/0
ip address 82.85.162.1 255.255.255.192
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no keepalive
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.40.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 2048
no ip address
encapsulation frame-relay IETF
no fair-queue
frame-relay traffic-shaping
hold-queue 4096 in
hold-queue 4096 out
!
interface Serial0/0/0.100 point-to-point
bandwidth 1600
no cdp enable
frame-relay interface-dlci 100 ppp Virtual-Template1
class FR-1600
!
interface Virtual-Template1
bandwidth 1600
ip address negotiated
ip tcp adjust-mss 1410
keepalive 5
ppp chap hostname #################
ppp chap password 7 ################
ppp pap sent-username ############## password 7 ##############
ppp ipcp route default
!
ip forward-protocol nd
!
!
no ip http server
ip nat inside source list 110 interface FastEthernet0/0 overload
!
!
map-class frame-relay FR-1600
frame-relay cir 1600000
frame-relay bc 200000
frame-relay mincir 1000000
access-list 1 permit 192.168.40.0 0.0.0.255
access-list 110 permit ip 192.168.40.0 0.0.0.255 any
!
!
control-plane
!
!
line con 0
session-timeout 60
exec-timeout 60 0
privilege level 15
line aux 0
privilege level 15
line vty 0 4
session-timeout 60
access-class 10 in
exec-timeout 60 0
!
scheduler allocate 20000 1000
end
10-21-2014 12:30 AM
please help me!!!!
10-21-2014 07:46 AM
There's 2 problems:
1- your "ip nat outside" location is wrong, you must put it on virtual-template1.
2-change "ip nat inside source list 110 interface FastEthernet0/0 overload" to "ip nat inside source list 110 interface virtual-template1 overload"
HTH
Houtan
10-21-2014 07:50 AM
this is ok but nat 192.168.40.0/24 to ip of p2p and not to one of my public ip subnet!
10-21-2014 08:44 AM
If i understood your problem well,
1- you want users in 192.168.40.0/24 go through nat translation to reach internet that is on your se0/0/0.
2- fe0/0 (public address) is in your LAN side of router.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide