LAN/WAN Problem

oneirishpollack · ‎01-27-2009

I apologize if this is not the right thread.....

Can someone take a look at my setup and advise on what I am doing something wrong.

I have a comcast modem, cisco 3600 router, cisco 3500 switch, 2 computers.

I want to use the router to connect my internal network (10.1.8.0/24) to the Internet.

My internal network is: 10.1.8.0/24

My comcast IP assigned dynamically to the router interface is: 71.67.74.75

Below is the output of a 'sh run' on the 3600:

"version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

username xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

no aaa new-model

ip subnet-zero

!

ip name-server 68.87.73.242

ip name-server 68.87.73.226

!

ip dhcp pool DHCP

import all

!

ip cef

!

interface FastEthernet1/0

description Internet

ip address dhcp

duplex auto

speed auto

no clns route-cache

!

interface FastEthernet3/0

description Internal LAN

ip address 10.1.8.1 255.255.255.0

duplex auto

speed auto

no clns route-cache

!

ip nat inside source list 100 interface FastEthernet3/0 overload

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 71.63.64.1

!

access-list 100 permit ip any any

!

line con 0

line aux 0

line vty 0 4

password 7 xxxxxxxxxxxxxxxxxxxxxxxx

login local

!

end"

************************************

My router can ping www.yahoo.com

My router can ping 10.1.8.103 (one pc on my network)

My node can ping 10.1.8.1 (static addressed assigned to LAN interface. (int F3/0))

My node can ping 10.1.8.100 (another pc on my network)

My node can ping 71.67.74.75 (dhcp address assigned to Internet interface. (int fa1/0))

My node cannot ping public addresses outside of my directly connected interfaces.

What am I doing wrong?

Thanks,

The Irish Pollack

mahmoodmkl · ‎01-27-2009

Hi

u should have ip nat outside under u r f1/0.

ip nat inside source list 100 interface FastEthernet1/0 overload

Thanks

Mahmood

Richard Burts · ‎01-27-2009

Irish Pollack

The main issue that I see is with address translation. You do not have configured any inside interface or outside interface for NAT. I suggest that you configure the FastEthernet3/0 as the nat inside interface and FastEthernet1/0 as the nat outside interface. Do this and let us know if it works better.

[edit] and as Mahmood points out your overload is on the wrong interface.

HTH

Rick

HTH

Rick

Mark Yeates · ‎01-27-2009

The problem is that you are missing the inside and outside NAT statements under the interfaces.

Please add the following to your config:

interface FastEthernet1/0

ip nat outside

interface FastEthernet3/0

ip nat inside

no ip nat inside source list 100 interface FastEthernet3/0 overload

ip nat inside source list 100 interface FastEthernet1/0 overload

HTH,

Mark

oneirishpollack · ‎01-27-2009

You guys are great.

Thanks for the help.