Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
527
Views
0
Helpful
4
Replies

Accessing from External to Internal

NeilTrend
Level 1
Level 1

‎03-20-2018 11:31 PM - edited ‎03-08-2019 02:20 PM

Hi,

 

I need to configure my router to access from External to Internal. Here is my configuration:

 

Using 2018 out of 262136 bytes
!
! Last configuration change at 09:13:00 UTC Mon Jan 1 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname tpmmea
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
no logging console
enable secret 5 $1$xsLU$UYPc2eFsUIG6BbY9mv110.
enable password $mb3ngr
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!
!
!
!
ip dhcp pool mypool
 network 192.168.1.0 255.255.255.0
 domain-name mmea.local
 dns-server 8.8.8.8
 default-router 192.168.1.100
 lease 7
!
!
!
ip name-server 8.8.8.8
ip cef
ip wccp web-cache password 0 password
no ipv6 cef
multilink bundle-name authenticated
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-4019138288
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4019138288
 revocation-check none
 rsakeypair TP-self-signed-4019138288
!
!
crypto pki certificate chain TP-self-signed-4019138288
 certificate self-signed 01 nvram:IOS-Self-Sig#2.cer
license udi pid CISCO1921/K9 sn FGL201822AC
!
!
username wfhsadmin privilege 15 password 0 $mb3ngr
!
redundancy
!
!
ip ssh pubkey-chain
  username wfhsadmin
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
 no mop enabled
!
interface GigabitEthernet0/1
 ip address 192.168.1.100 255.255.255.0
 ip wccp web-cache redirect out
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
ip forward-protocol nd
!
no ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.205.0.1
!
!
!
!
!
!
control-plane
!
!
!
line con 0
 exec-timeout 0 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 privilege level 15
 password $mb3ngr
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

 

 

I can access 10.205.x.x segment from 192.168.x.x, However I cannot access 192.168.x.x from 10.205.x.x segment.

 

Hope for you positive feedback.

 

Thanks

 

Labels:
0 Helpful
4 Replies 4

Deepak Kumar
VIP Alumni
VIP Alumni

‎03-20-2018 11:43 PM

Hi, 

As per your configuration, you have configured "IP NAT Inside" under the LAN interface and "IP NAT Outside" under the "GigabitEthernet0/0" but no IP NAT configured. 

Test two thing:

 

1. Remove the IP NAT INSIDE & IP NAT OUTSIDE from the interfaces configuration. 

2. I hope it there, but check the routing on your  "10.205.0.1" device for network " 192.168.1.0/24"

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

NeilTrend
Level 1
Level 1
In response to Deepak Kumar

‎03-20-2018 11:49 PM

Hi,

 

Thanks for the update, Please see my comment.

 

1. Remove the IP NAT INSIDE & IP NAT OUTSIDE from the interfaces configuration. 

 

I have configured this so 192.168.x.x will have internet access.

 

2. I hope it there, but check the routing on your  "10.205.0.1" device for network " 192.168.1.0/24"

 

Unfortunately I don't have access on the 10.205.0.1 router. It's only a mini lab that we have setup inside a network. Is there any other way?

 

Thanks

0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni
In response to NeilTrend

‎03-21-2018 06:55 AM

Hi, 

Configure a DNAT (Port forwarding) to an inside device. 

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Deepak Kumar

‎03-21-2018 07:09 AM

I am confused. The original post has a default route with 10.205.0.1 as the next hop. And the original poster says that they can access that network. But the only mention of 10.205.0.1 is in the static default route. How does this router know how to get to that network.

 

When I was reading the original post I believed that the issue might involve address translation, assuming that this router connected to a service provider. Now we are told that it is part of a lab setup. Can you provide clarification about the environment and show us the topology of this network?

 

HTH

 

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents