Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
1
Replies

nat

Fouad Ata
Level 1
Level 1

‎11-04-2015 11:26 AM - edited ‎03-08-2019 02:34 AM

Hello,

I have a Cisco router 3800 and i am trying to use it for our Guest WiFi Internet Access

the installation is as shown within attached image

I am trying to use this oruter for clients with IPs 192.168.103.0/24 to access the internet.

I tried to create a NAT with no result.

Please check the Config below

Router#show running-config
Building configuration...

Current configuration : 1054 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
description WAN
ip address 177.*.*.117 255.255.255.128
ip nat outside
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
description LAN
ip address 192.168.150.1 255.255.255.0
ip nat inside
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/0/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/1/0
no ip address
shutdown
negotiation auto
!
interface Serial0/2/0
no ip address
shutdown
clock rate 2000000
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 177.*.*.126
!
ip http server
ip nat inside source list 1 interface GigabitEthernet0/1 overload
!
access-list 1 permit 0.0.0.0 255.255.255.0
access-list 1 permit any
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
!
end

Router#

Please can you guide me to establish this config.

Thx

Labels:
0 Helpful
1 Reply 1

Milos Megis
Level 3
Level 3

‎11-05-2015 05:58 AM

1st thing: in ip nat inside command you must enter outside interface so command should be:

ip nat inside source list 1 interface GigabitEthernet0/0 overload

2nd thing: I don´t see purpose of "access-list 1 permit 0.0.0.0 255.255.255.0" command if you finally permit all.

And finally Wifi controller will not perform NAT - so if you want to use different network range than between controller and router, you will must configure trunk between router and controller and configure inter vlan routing with subinterfaces.
Or if you don´t want to configure subinterfaces and VLANs you can have it all on one VLAN, but you will enter secondary ip address for clients on int Gi0/1.

Don´t forget that management IP address of WLC must be reachable by AP to establish CAPWAP connetion.

0 Helpful
Customers Also Viewed These Support Documents