01-26-2013 11:35 AM - edited 03-07-2019 11:20 AM
Hello,
I have got a Cisco router connected to by broadband line and I receive a public IP address fine on 0/0 and I can ping external addresses as well. But for some reason internal clients cannot access the internet. I think I have set the NAT up correctly but I wondered if someone can help with it as I must have done something wrong...?
Thanks,
Mark
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Joe
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$xxxG8H/
enable password xxxxxx
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
no ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip dhcp client client-id hex 37633463613534363032383840736B7964736C7C36692F317035683933554477537775
ip dhcp client class-id hex 37633463613534363032383840736B7964736C7C36692F317035683933664477537775
ip dhcp client lease 365 0 0
ip address dhcp
ip nat outside
ip virtual-reassembly
no ip route-cache
speed 100
full-duplex
!
interface Serial0/0
no ip address
no ip route-cache
shutdown
!
interface FastEthernet1/0
ip address 192.168.80.200 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip route-cache
speed auto
full-duplex
no mop enabled
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
ip http server
no ip http secure-server
!
access-list 1 permit 192.168.80.0 0.0.0.255
access-list 1 permit any
!
!
control-plane
!
!
!
!
line con 0
line aux 0
line vty 0 4
password xxxxx
login
!
!
end
Solved! Go to Solution.
01-26-2013 11:48 AM
There is no nat rule. You can change that with the following commands:
ip access-list standard 1
no permit any
!
ip nat inside source list 1 int fast 0/0 overload
And in addition to that. You probably get a default-route with DHCP. So you should delete your manually configured route:
no ip route 0.0.0.0 0.0.0.0 fast 0/0
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
01-26-2013 11:48 AM
There is no nat rule. You can change that with the following commands:
ip access-list standard 1
no permit any
!
ip nat inside source list 1 int fast 0/0 overload
And in addition to that. You probably get a default-route with DHCP. So you should delete your manually configured route:
no ip route 0.0.0.0 0.0.0.0 fast 0/0
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
01-26-2013 12:43 PM
When I removed the route the router could no longer access the internet even though it had a valid PtP connection. I then added in the route again with the ptp address as the gw and it all works now. great!
Thank you!
01-26-2013 02:37 PM
Strange, I think you really should get a default-gateway through DHCP. There are some negative side-effects in pointing a default-route to a broadcast-interface. Try the following default-route instead of the one you configured:
no ip route 0.0.0.0 0.0.0.0 fast 0/0
ip route 0.0.0.0 0.0.0.0 dhcp
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide