IP conflict on inside LAN of router

chiwheels · ‎07-11-2008

I am a new Cisco user and I am configuring a Cisco 877. It is going well with one exception; I have configured the address of the router "self" to be 10.4.19.3, however, when I connect the router I get an IP conflict with the main server which is on IP address 10.4.19.1.

There is no mention of this address anywhere in the router configuration except for a few static entries in the NAT route list for SSH, POP3 etc.

Can you think of any common errors that newbies make in this area.

rskrzek · ‎07-11-2008

hi,

can You show this static NAT's ? maybe is in wrong diresction? :)

regards

romek

chiwheels · ‎07-11-2008

Thank you for such a quick response !

Here is my NAT list; I have overtyped the outside static IP with IP with x.x.x.x as I am not sure what the company policy is on making this external static IP public domain.

I am using gui SDM as I have not got into IOS yet and it is a small router.

BTW, I have disabled DHCP as the main LAN server does that.

Regards

John

!

ip http server

ip http access-class 2

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface Dialer1 overload

ip nat outside source static tcp x.x.x.x 22 10.4.19.1 22 extendable

ip nat outside source static tcp x.x.x.x 47 10.4.19.1 47 extendable

ip nat outside source static tcp x.x.x.x 143 10.4.19.1 143 extendable

ip nat outside source static tcp x.x.x.x 5901 10.4.19.1 5901 extendable

ip nat outside source static tcp x.x.x.x 5993 10.4.19.1 5993 extendable

!

rskrzek · ‎07-11-2008

IMHO this NAT is wrong

if You want access to 10.4.19.1 from Internet i sugest config this:

ip nat inside source static tcp 10.4.19.1 22 x.x.x.x 22 extendable

ip nat inside source static tcp 10.4.19.1 47 x.x.x.x 47 extendable

ip nat inside source static tcp 10.4.19.1 143 x.x.x.x 143 extendable

ip nat inside source static tcp 10.4.19.1 5901 x.x.x.x 5901 extendable

ip nat inside source static tcp 10.4.19.1 5993 x.x.x.x 5993 extendable

and of course

no ip nat outside source static tcp x.x.x.x 22 10.4.19.1 22 extendable

no ip nat outside source static tcp x.x.x.x 47 10.4.19.1 47 extendable

no ip nat outside source static tcp x.x.x.x 143 10.4.19.1 143 extendable

no ip nat outside source static tcp x.x.x.x 5901 10.4.19.1 5901 extendable

no ip nat outside source static tcp x.x.x.x 5993 10.4.19.1 5993 extendable

because wrong direction of NAT generated virtual IP address 10.4.19.1 and conflict

regards

romek

chiwheels · ‎07-11-2008

Many thanks.

Just so I understand; I did what I did because I thought "source" meant initiator of the connection (i.e. the outside client). Are you saying "source" means provider of the service (i.e. "inside" server) ?

Also, I have designated "VLan1" (the virtual LAN covering the 4 internal LAN ports) as an "inside" interface. Is this right or wrong: i.e. I am assuming "outside" means the internet side.

Regards

John

Edison Ortiz · ‎07-11-2008

John,

That would make too much sense :)

However, the command was structured differently.

Please refer to the following documentation:

http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_i2g.html#wp1079180

and you will find the inside-IP goes before the global-IP.

HTH,

__

Edison.