LAN/WAN Problem

Unanswered Question
Jan 27th, 2009
User Badges:

I apologize if this is not the right thread.....


Can someone take a look at my setup and advise on what I am doing something wrong.


I have a comcast modem, cisco 3600 router, cisco 3500 switch, 2 computers.


I want to use the router to connect my internal network (10.1.8.0/24) to the Internet.


My internal network is: 10.1.8.0/24

My comcast IP assigned dynamically to the router interface is: 71.67.74.75


Below is the output of a 'sh run' on the 3600:



"version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

username xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

no aaa new-model

ip subnet-zero

!

!

ip name-server 68.87.73.242

ip name-server 68.87.73.226

!

ip dhcp pool DHCP

import all

!

ip cef

!

!

!

interface FastEthernet1/0

description Internet

ip address dhcp

duplex auto

speed auto

no clns route-cache

!

interface FastEthernet3/0

description Internal LAN

ip address 10.1.8.1 255.255.255.0

duplex auto

speed auto

no clns route-cache

!

ip nat inside source list 100 interface FastEthernet3/0 overload

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 71.63.64.1

!

!

access-list 100 permit ip any any

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

password 7 xxxxxxxxxxxxxxxxxxxxxxxx

login local

!

!

end"


************************************


My router can ping www.yahoo.com

My router can ping 10.1.8.103 (one pc on my network)


My node can ping 10.1.8.1 (static addressed assigned to LAN interface. (int F3/0))

My node can ping 10.1.8.100 (another pc on my network)

My node can ping 71.67.74.75 (dhcp address assigned to Internet interface. (int fa1/0))


My node cannot ping public addresses outside of my directly connected interfaces.



What am I doing wrong?


Thanks,


The Irish Pollack




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mahmoodmkl Tue, 01/27/2009 - 07:44
User Badges:
  • Gold, 750 points or more

Hi


u should have ip nat outside under u r f1/0.


ip nat inside source list 100 interface FastEthernet1/0 overload


Thanks

Mahmood

Richard Burts Tue, 01/27/2009 - 07:45
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Irish Pollack


The main issue that I see is with address translation. You do not have configured any inside interface or outside interface for NAT. I suggest that you configure the FastEthernet3/0 as the nat inside interface and FastEthernet1/0 as the nat outside interface. Do this and let us know if it works better.


[edit] and as Mahmood points out your overload is on the wrong interface.


HTH


Rick

Mark Yeates Tue, 01/27/2009 - 07:48
User Badges:
  • Gold, 750 points or more

The problem is that you are missing the inside and outside NAT statements under the interfaces.


Please add the following to your config:


interface FastEthernet1/0

ip nat outside


interface FastEthernet3/0

ip nat inside


no ip nat inside source list 100 interface FastEthernet3/0 overload


ip nat inside source list 100 interface FastEthernet1/0 overload


HTH,

Mark






Actions

This Discussion