Solved: Cisco 1720 - Inside Hosts can't access Internet

jack · ‎01-20-2011

Hi,

I am doing a test configuration on a 1720 router, and I have repeated the scenario on a Cisco 861 and I am having the exact same results. I am clearly missing something.

The Layout:

Cisco 1720 -

FastEthernet 0 port for the inside network

Ethernet 0 port for the outside network

Ethernet 0 is connected to a router that passes out DHCP addresses

FastEthernet 0 is connected to my testing laptop

LAPTOP <-----> f0 -- CISCO 1720 -- e0 <-----> INTERNET ROUTER

In the above scenario, The Cisco 1720 can ping addresses on the internet and also addresses on the inside network, including f0, Loopback 0, and the LAPTOP. The LAPTOP cannot ping internet addresses, but it can ping f0, l0, and e0

LAPTOP receives it's IP address from DHCP that I set up on the 1720

I have tried plugging the LAPTOP directly into the INTERNET ROUTER and it works perfectly. No issues whatsoever.

Current configuration : 1427 bytes
!
! Last configuration change at 12:52:48 UTC Mon May 17 2010
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ROUTER
!
boot-start-marker
boot-end-marker
!
enable secret 5 $*************************1
enable password bigapple789
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
no ip routing
!
!
ip domain name ROUTER.com
ip name-server 10.10.10.1
ip dhcp excluded-address 192.168.1.1 192.168.1.50
!
ip dhcp pool dpool1
   import all
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 208.67.222.222 208.67.220.220
   domain-name ROUTER.com
!
no ip cef
ip audit po max-events 100
no ftp-server write-enable
!
!
interface Loopback0
ip address 192.168.1.2 255.255.255.0
ip nat inside
!
interface ATM0
no ip address
no ip route-cache
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface Ethernet0
ip address dhcp
ip nat outside
full-duplex
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0
ip nat inside
speed auto
full-duplex
!
ip default-gateway 10.10.10.1
ip nat inside source list 1 interface Ethernet0 overload
ip classless
no ip http server
no ip http secure-server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
line con 0
line aux 0
line vty 0 4
password bigapple1
login
!
!
end

I noticed that when pinging from LAPTOP to INTERNET, the "show nat statistics" does not change. When pinging INTERNET from f0 or LoopBack0, the nat statistics do increase.

Any help would be greatly appreciated! I am really stuck.

Varun Uniyal · ‎01-20-2011

try:

you have CEF turned off...turn it on.

you have ip routing turned off turn it on.

use:

ip route 0.0.0.0 0.0.0.0 10.10.10.1

instead of ip default-gateway 10.10.10.1

default-gateway command is for when ip routing is turned off

If this doesn't help post the following :

tracert 4.2.2.2 --->from laptop

sh ip nat translation ---> from router

View solution in original post

Varun Uniyal · ‎01-20-2011