Solved: NAT is not working - Help

darkbeatzz · ‎09-30-2008

Hi all

When I connect to the switch on my cisco 877w i get an ip address but when I try browse out I am not getting natted. can you tell me why plesae?

HQADSL#sh run

Building configuration...

Current configuration : 3182 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname HQADSL

!

boot-start-marker

boot-end-marker

!

logging buffered 4096 warnings

!

no aaa new-model

!

resource policy

!

ip subnet-zero

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool dhcp-pool

import all

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

dns-server 159.134.237.6

domain-name telnet

lease 0 2

!

ip name-server 159.134.237.6

!

bridge irb

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

atm vc-per-vp 64

no atm ilmi-keepalive

pvc 8/35

pppoe-client dial-pool-number 1

!

dsl operating-mode auto

!

interface FastEthernet0

spanning-tree portfast

!

interface FastEthernet1

spanning-tree portfast

!

interface FastEthernet2

spanning-tree portfast

!

interface FastEthernet3

spanning-tree portfast

!

interface Dot11Radio0

no ip address

!

encryption vlan 1 key 1 size 128bit 7 9177AE420031ACF9A58EA67B29DF transmit-key

encryption vlan 1 mode wep mandatory

!

ssid quattro

authentication open

guest-mode

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

description Internal LAN

no ip address

bridge-group 1

bridge-group 1 spanning-disabled

!

interface Dialer1

ip address negotiated

no ip redirects

no ip unreachables

no ip proxy-arp

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

no cdp enable

ppp authentication chap callin

ppp chap hostname user

ppp chap password password

!

interface BVI1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

!

no ip http server

no ip http secure-server

ip nat inside source list 101 interface Dialer1 overload

!

ip access-list extended telnet

permit tcp host 1.2.3.4 any eq telnet log

!

dialer-list 1 protocol ip permit

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

banner motd ^CCC

*** WARNING ***

This system is private and may be acccessed only by

authorized users. The system owner reserves the right

to monitor any and all activity taking place on this

system and any attempts to connect to it. Unauthorized

users or users who exceed (or attempt to exceed), their

authorized level of access are subject to prosecution under

any local or international laws that apply as well as Company

initiated proceedings.

^C

!

line con 0

no modem enable

line aux 0

line vty 0 4

access-class telnet in

password xxxxxxxxxxxxxx

login local

transport input telnet ssh

!

scheduler max-task-time 5000

end

HQADSL#

Danilo Dy · ‎09-30-2008

You have NAT configured for ACL 101, however, your ACL 101 is missing.

Try adding this..

!

access-list 101 permit ip 10.10.10.0 0.0.0.255 any

View solution in original post

Danilo Dy · ‎09-30-2008

You have NAT configured for ACL 101, however, your ACL 101 is missing.

Try adding this..

!

access-list 101 permit ip 10.10.10.0 0.0.0.255 any

darkbeatzz · ‎09-30-2008

I just added an extended access-list 101 - permit ip any any and lost connectivity!! having router rebooted at the moment. why would this have happened? is this all it requires to get working?

Danilo Dy · ‎09-30-2008

I will not recommend "any any" use the ACL I provided.

darkbeatzz · ‎09-30-2008

thanks for your help