Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2162
Views
0
Helpful
2
Replies

CISCO 1941 router NAT problems

kmillard84
Level 1
Level 1

‎05-25-2012 03:38 PM - edited ‎03-07-2019 06:55 AM

Hello all,

I am attemping to create a simple LAN and have computers on that LAN be able to access the internet.  I've configured my default ip route:

Gateway of last resort is 71.83.141.21 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 71.83.141.21

      71.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C        71.83.141.20/30 is directly connected, GigabitEthernet0/1

L        71.83.141.22/32 is directly connected, GigabitEthernet0/1

      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.1.0/24 is directly connected, GigabitEthernet0/0

L        192.168.1.1/32 is directly connected, GigabitEthernet0/0

192.168.1.0 is clearly my internal LAN while 71.0.0.0 is my external internet connection.  I am able to ping any internet site from the router, and I can connect as many computers as I want to the LAN without problems.  Computers can communicated with other computers on the network.  They just can't get out to the internet.

When I have done this before, i have used NAT to provide the linking.  I have the LAN interface indicated as nat inside and WAN interface as NAT outside.  However, when I put the ip nat inside source static network command in the running-config...i lose internet connectvitiy from the router. 

Any ideas on what the issue is?  I'm sure its something small, but I can't figure out the issue.  Here's my running config...abbreviated.  It's very simple as I started over when I realized that i was having issues...and don't want to configure anything else until i get this resolved.

ip name-server 68.190.192.35

ip name-server 71.9.127.107

multilink bundle-name authenticated

!

crypto pki token default removal timeout 0

!

!

license udi pid CISCO1941/K9 sn FTX154800RY

!

!

!

!

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

no mop enabled

!

interface GigabitEthernet0/1

ip address 71.83.141.xxx (redacted) 255.255.255.252

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 71.83.141.21

!

!

!

Labels:
0 Helpful
2 Replies 2

johnlloyd_13
Level 9
Level 9

‎05-26-2012 05:32 AM

Hi,

Did you configure an ACL for your NAT? Try this:

access-list 1 permit 192.168.1.0 0.0.0.255

ip nat inside source list 1 interface g0/1 overload

Sent from Cisco Technical Support iPhone App

0 Helpful

SOcchiogrosso
Level 4
Level 4

‎05-27-2012 02:43 PM

Yes you need an ACL to match the traffic you want to NAT and then you need your NAT statement telling the router to either NAT to an interface or a NAT pool.

Sent from Cisco Technical Support Android App

-- CCNP, CCIP, CCDP, CCNA: Security/Wireless Blog: http://ccie-or-null.net/
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card