Dynamic PAT with DHCP assignet address support

Unanswered Question
Nov 2nd, 2007
User Badges:

Hello all


I have the following configuration but I'm not shure is this really supported on the IOS 12.3(24)I running on.


ISP/Internet--Cable Modem--Router--LAN

DHCP--|--192.168.1.0/24


ISP provide dynamic assignet ip address by DHCP to the router outside interface fa0/0. Inside is a private ip range (192.168.1.1) on fa0/1 configured. Inside private address use dynamic PAT to reach the internet via the interface fa0/0 (outside).


With this configuration I can access the internet with the web browser but I can not ping or do any vpn access to a global internet address.

When I configure a satic address to the interface fa0/0 it works but just for one address.


here the relevant configuration of the router


interface FastEthernet0/0

description Pulic Network

ip address dhcp

ip nat outside

!

interface FastEthernet0/1

description Privat Network

ip address 192.168.1.1 255.255.255.0

ip nat inside


ip nat inside source route-map nat interface FastEthernet0/0 overload


*** Static NAT configuration ***

(ip nat inside source static 192.168.1.10 interface fa0/0)


access-list 101 permit ip 192.168.1.0 0.0.0.255


route-map nat permit 10

match ip address 101


ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

Thanks for any replay

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
fflamslam Sat, 11/10/2007 - 15:30
User Badges:

Here's the config that I use on my 1751 router. I am running 12.4 have the exact same sceanrio as you... cable modem (DHCP IP)-router-lan. See if this works for you as well. I also have a few NAT entries that I use to get back inside as well. The IP routes that point to NULL0 are known subnets that are typically spoofed (I believe).


Rick




rfuchser Tue, 11/13/2007 - 20:56
User Badges:

Hello Rick


thank you for the replay. It seems this is not supported on the IOS 12.3 version. My configuration looks simalar as yours. I attached my configuration with changed passwords and ip addresses. A ping from a inside host to the outside is only working when I configure:



ip nat inside source static xxx.xxx.xxx.xxx interface fastethernet 0/0,


but i can just configure one static nat entry. As soon I configure a secondary static configuration for a inside host the first static configuration is overwriten. IOS 12.4 is not supported on my Cisco2621 router, so the last version I can use is 12.3.


Rolf




Actions

This Discussion