1721 and WIC-1ADSL /NAT

Unanswered Question
Oct 13th, 2007

I have a Ciso 1721 with WIC-1ADSL that I am trying to connect to my internet account.

I've used SDM to set up my WIC-1ADSL card as well as mapping my static IP addresses to my internal addresses using NAT. The static addresses point to my web server / email server etc.

My WIC-1ADSL card is recognised and all the LED's come on and stay static (appart from the the LP LED as its not configured) when connected to my ADSL line. I make a connection to my 1548 switch using the FastEthernet0 post on the 1721. I have a WIC-1ENET card installed which im not using.

I can ping all the internal computers, but not make the final connection to the outside world. I've previously been using a DLINK access point with an ethernet address of 192.168.0.1, and this has been the IP address that I used as the default gateway when setting up the static addresses on my hosts. I've assigned 192.168.0.1 to my FastEthernet0 port, so is this the same principle ?

I'm not sure where the problem lies and dont know if its a config problem with the WIC-1ADSL or the way that I am using the IP addresses.

As a side note, I see that some people tell you to use extended NAT access lists which include the port number, some just use simple nat access lists without the port number. Does this make much difference and could this be blocking connections.

I've attached my running-config as well as the output from show int Dialer0 and the Debug atm events.

I'm not sure about the debugging and whether this is indicating that the ATM interface has negioated the ipaddress and made a connection. The error would then lay with my internal ip set-up.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Paolo Bevilacqua Sat, 10/13/2007 - 11:40

Hi,

is also the dynamic address got by dialer rout able ? can you ping from router to internet ?

I would try exclude the hosts using static nat from ACL.

alsoy you don't need few commands here and there, but that is not the problem.

Finally please add "ip nat outside" unter atm0.1

rjdavison Sat, 10/13/2007 - 14:44

I'm not sure if the dynamic address got by the router is routable or not ?? what would I need to do if it is ?

I can ping my internal network, but not sites like google.

'I would try exclude the hosts using static nat from ACL'. Sorry, I dont understand this, can you please expand.

Do I remove 'ip nat outside' from the Dialer0 interface or should I have it included on both the Dialer0 and ATM0.1 interfaces ???

Thanks in advance.

Paolo Bevilacqua Sat, 10/13/2007 - 15:38

can you ping by ip ? (try 4.2.2.1 that's fast to type)

if you can't, means the dialer interface address is not routable, you got to source packets from the pool of IPs given to you, that means you should configure them as a nat pool, even of 1 address, excluded from the static.

And yes please have ip nat outside both under atm0.1 and dialer0.

rjdavison Sat, 10/13/2007 - 17:27

nope Cant ping 4.2.2.1 or anything externaly. Only my internal 192,168,0.x network responds.

im guessing that I need to do something along the lines of...

ip nat pool xx.xx.xx.xx xx.xx.xx.xx netmask xx.xx.xx.xx but im lost as to what ip addresses go where.

My WAN ip address is: 83.67.114.101

My LAN ip addresses are: 83.67.67.49/29

So are you saying that I need something along the lines of..

ip nat inside source list 1 interface Dialer0 overload

ip nat pool 83.67.67.49 83.67.67.54 255.255.255.0

ip nat inside source static 192.168.0.2 83.67.67.50

ip nat inside source static 192.168.0.3 83.67.67.51

ip nat inside source static 192.168.0.4 83.67.67.52

ip nat inside source static 192.168.0.5 83.67.67.53

ip nat inside source static 192.168.0.6 83.67.67.54

ip nat inside source static 192.168.0.7 83.67.67.55

I've started my static at 83.67.67.50 and not 83.67.67.49 as im taking it that this then gets maped to the Dialer0 port ?????

Thanks for taking time to help me. Its driving me nuts !

I've attached some output from show ip nat translations if it is of any help ???

Paolo Bevilacqua Sun, 10/14/2007 - 04:19

Hi,

please send "show ip int brief".

We can discuss all the nat variations, but first the router has to ping, and it doesn't.

To try if the addresses for LAn are working, configure one under loopbac ero with mas 255.255.255.255

then try "ping 4.2.2.1 source loop0"

rjdavison Sun, 10/14/2007 - 11:48

Here goes....

router.casezero.net#ping 4.2.2.1 source loopback0

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 4.2.2.1, timeout is 2 seconds:

Packet sent with a source address of 4.2.2.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

router.casezero.net#show ip interface brief

Interface IP-Address OK? Method Status Protocol

ATM0 unassigned YES NVRAM down down

ATM0.1 unassigned YES unset down down

Dialer0 unassigned YES NVRAM up up

Ethernet0 192.168.0.6 YES NVRAM administratively down down

FastEthernet0 192.168.0.1 YES NVRAM up down

Loopback0 4.2.2.1 YES manual up up

NVI0 unassigned NO unset up up

Virtual-Access1 unassigned YES unset up up

Virtual-Access2 unassigned YES unset down down

Paolo Bevilacqua Sun, 10/14/2007 - 15:42

You are not getting an ip address on dialer0. Try assigning the IP WAN you mentioned before under dialer0, then again try ping some internet.

I didn't meant to configure 4.2.2.1 under loop0, but never mind.

Actions

This Discussion