Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
541
Views
0
Helpful
1
Replies

Configure ME 3600x for LAN Client Internet Access

KTOKTO
Level 1
Level 1

‎05-14-2018 02:49 PM - edited ‎03-08-2019 03:00 PM

I have a situation where I need to use a ME3600 to do NAT and DHCP to provide clients internet access through the router. 

 

In my configuration below. I have int gi0/1 plugged in to a residential cable modem that provides a DHCP address on the internet. 

 

I will be plugging ports gi0/23 and gi0/24 to two wireless access points. 

 

With the configuration below. I can ping from the 3600 to the internet from the lan source IP 172.16.0.1 just fine. Also, If I plug a laptop in to ports gi0/23 and gi0/24 I get a local DHCP address from the dhcp pool and I can ping the gateway address 172.16.0.1 from the laptop. 

 

I cannot, however ping from the laptop to the internet. I think there is something wrong with my ip nat overload statement but I cannot figure out what it wrong.

 

Here is the config I am currently running, any corrections or suggestions are appreciated! 

 

 

!
hostname Switch
!
!
!
no aaa new-model
ip routing
!
ip dhcp excluded-address 172.16.0.1 172.16.0.30
!
ip dhcp pool VLAN777
import all
network 172.16.0.0 255.255.252.0
dns-server 4.2.2.2 8.8.8.8
default-router 172.16.0.1
lease 0 8
!
!
!
ipv6 multicast rpf use-bgp
!
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
diagnostic bootup level minimal
!
!
transceiver type all
monitoring
vlan internal allocation policy ascending
!
vlan 777
name Internet
!
!
!
!
interface GigabitEthernet0
no ip address
shutdown
speed auto
duplex auto
negotiation auto
!
interface GigabitEthernet0/1
description "WAN TO ISP"
no switchport
ip address dhcp
ip nat outside
no cdp enable
!

interface GigabitEthernet0/23
description "To AP2"
switchport access vlan 777
!
interface GigabitEthernet0/24
description "To AP1"
switchport access vlan 777
!
interface Vlan1
no ip address
shutdown
!
interface Vlan777
ip address 172.16.0.1 255.255.252.0
ip nat inside
!
ip nat inside source list 100 interface GigabitEthernet0/1 overload
ip forward-protocol nd
!
!
access-list 100 permit ip any any
!
!
!
Labels:
0 Helpful
1 Reply 1

KTOKTO
Level 1
Level 1

‎05-15-2018 08:52 AM

I turned on ip nat debug and am seeing the translations when I ping 8.8.8.8 from the router using the inside interface's source IP of 172.16.0.1. 

 

However I do not see any translations if I ping the internet from my laptop plugged in to port 24 on the router. 

0 Helpful
Customers Also Viewed These Support Documents