NAT Cisco 2901 - Page 2

Jerson Luiz de Paula Junior · ‎03-11-2012

I am attempting to configure a Cisco 2901 router using IOS 15 to properly perform NAT/PAT translation between LAN and the internet connection.

My Configuration:

interface GigabitEthernet0/0

ip address dhcp

ip nat outside

ip virtual-reassembly

no ip route-cache

duplex auto

speed auto

no cdp enable

no mop enabled

!

interface ISM0/0

no ip address

no ip route-cache

shutdown

service-module fail-open

no cdp enable

!

hold-queue 60 out

!

interface ISM0/1

no ip address

no ip route-cache

shutdown

no cdp enable

!

interface GigabitEthernet0/1

ip address 10.1.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache

duplex auto

speed auto

no cdp enable

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0

!

access-list 1 permit 10.1.1.0 0.0.0.255

!

But Nat no work

Any ideas?

Dan-Ciprian Cicioiu · ‎03-12-2012

Hi,

Besides I do not know what kind of internet access do you have , using private IPs ( 192.168.0/24 ) you have a little config issue :

no ip routing

no ip cef

Enable routing and cef :

conf t

ip routing

ip cef

end

wr mem

Dan

Jan Hrnko · ‎03-12-2012

Hi,

you are right! I have not seen it in the second configuration posted. It is most likely causing problems.

Best regards,

Jan

Jerson Luiz de Paula Junior · ‎03-12-2012

conf t

ip routing

ip cef

end

wr mem

and nothing

Jerson Júnior

Jerson Luiz de Paula Junior · ‎03-12-2012

I do not know what is happening, I have a Cisco 3640 with NAT Running!

Jerson Júnior

Dan-Ciprian Cicioiu · ‎03-13-2012

Hi ,

please post :

ping 8.8.8.8

show ip route

show ip inter brie

Dan

Jerson Luiz de Paula Junior · ‎03-13-2012

ping 8.8.8.8

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/44 ms

show ip route

Default gateway is 192.168.0.1

Host Gateway Last Use Total Uses Interface

ICMP redirect cache is empty

show ip inter brie

Interface IP-Address OK? Method Status Protocol

Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down

GigabitEthernet0/0 192.168.0.128 YES DHCP up up

GigabitEthernet0/1 10.1.1.1 YES NVRAM up up

Serial0/0/0 unassigned YES NVRAM administratively down down

NVI0 unassigned YES unset administratively down down

Dan-Ciprian Cicioiu · ‎03-13-2012

IP routing is not enabled !

Enable ip routing

conf t

ip routing

end

After that , please paste show ip route

Dan

Jerson Luiz de Paula Junior · ‎03-13-2012

ip routing enable but now ping to external not work

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S* 0.0.0.0/0 is directly connected, GigabitEthernet0/0

192.168.0.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.0.0/24 is directly connected, GigabitEthernet0/0

L 192.168.0.128/32 is directly connected, GigabitEthernet0/0

Dan-Ciprian Cicioiu · ‎03-14-2012

Hi,

That's ok.

You should change the default route

conf t

no ip route 0.0.0.0 0.0.0.0 Gi0/0

ip route 0.0.0.0 0.0.0.0 192.168.0.1

end

Try to access the internet. Tell me the result.

Dan

Jerson Luiz de Paula Junior · ‎03-14-2012

Nothing

I have a 3640 an NAT works with this configuration:

interface Ethernet0/0

ip address 10.1.1.253 255.255.255.0

ip nat inside

half-duplex

!

interface Ethernet1/0

no ip address

shutdown

half-duplex

!

interface FastEthernet2/0

description ### Internet GVT ###

ip address dhcp

ip nat outside

duplex auto

speed auto

!

ip default-gateway 192.168.1.1

ip nat inside source list 7 interface FastEthernet2/0 overload

ip nat inside source list 101 interface Ethernet0/0 overload

ip nat inside source static 10.1.1.253 192.168.1.4

ip nat inside source static tcp 10.1.1.253 80 192.168.1.2 80 extendable

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1

no ip http server

!

access-list 7 permit 10.1.1.0 0.0.0.255

Dan-Ciprian Cicioiu · ‎03-14-2012

Please paste "show ip route" from your Cisco 2901

Regards

Dan

Jerson Luiz de Paula Junior · ‎03-14-2012

Hi Everyone

Nat Works Now

Configuration:

interface GigabitEthernet0/0

ip address 192.168.1.4 255.255.255.0

ip nat outside

no ip virtual-reassembly in

duplex auto

speed auto

no cdp enable

no mop enabled

!

interface GigabitEthernet0/1

ip address 10.1.1.254 255.255.255.0

ip nat inside

no ip virtual-reassembly in

duplex auto

speed auto

no cdp enable

!

interface Serial0/0/0

no ip address

shutdown

no fair-queue

clock rate 2000000

!

ip default-gateway 192.168.1.1

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip nat inside source list 101 interface GigabitEthernet0/1 overload

ip nat inside source static 10.1.1.254 192.168.1.4

ip route 0.0.0.0 0.0.0.0 192.168.1.1

!

access-list 1 permit 10.1.1.0 0.0.0.255

Dan-Ciprian Cicioiu · ‎03-14-2012

Which was the solution ?

Dan

Jerson Luiz de Paula Junior · ‎03-14-2012

I think the solution was:

ip nat inside source static 10.1.1.254 192.168.1.4

ip route 0.0.0.0 0.0.0.0 192.168.1.1