Simple Routing Issue

Answered Question
Feb 7th, 2012
User Badges:

Afternoon Everyone,


Appologies for such a basic question but i'm just getting started with cisco kit so you will have to bare with me.


I have a cisco 1841,


Fa0/0 has the ip of 192.168.5.20

Fa0/1 has the ip of 10.0.0.1


Fa0/0 goes off to the Default gateway of 192.168.5.254

Fa0/1 goes off to a switch where I have a test machine connected (Ip 10.0.0.5).


From the router I can ping 8.8.8.8 for example and it's fine.


From the test computer I am unable to.


I added the "ip route 0.0.0.0 0.0.0.0 192.168.5.254" which then allow the router to ping 8.8.8.8


I realise I am probably making a very basic mistake but would appriciate some points or hints as to where I am going wrong.


Below is the config:



Password:

R1#show run

Building configuration...



Current configuration : 847 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$wssO$VhBou3PyVzg.IbEz4.4xv/

!

no aaa new-model

!

resource policy

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

ip cef

!

!

no ip dhcp use vrf connected

!

!

no ip domain lookup

!

!

!

!

interface FastEthernet0/0

ip address 192.168.5.20 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 10.0.0.1 255.255.255.0

duplex auto

speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.5.254

!

no ip http server

!

!

control-plane

!

!

line con 0

line aux 0

line vty 0 4

password test

logging synchronous

login

line vty 5 15

password test

logging synchronous

login

!

end





If anyone could help that would be greatly appriciated.


Am I right in thinking I would have to create some sort of NAT rule from the inside to outside. or am I going down the wrong path here

Correct Answer by cadet alain about 5 years 6 months ago

Hi,


yes you're right, just do NAT and it shall work:

access-list 1 permit 10.0.0.0 0.0.0.255

ip nat inside source list 1 interface f0/0

int f0/0

ip nat outside

int f0/1

ip nat inside


Regards.


Alain.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
cadet alain Tue, 02/07/2012 - 12:55
User Badges:
  • Purple, 4500 points or more

Hi,


yes you're right, just do NAT and it shall work:

access-list 1 permit 10.0.0.0 0.0.0.255

ip nat inside source list 1 interface f0/0

int f0/0

ip nat outside

int f0/1

ip nat inside


Regards.


Alain.

newtocisco2012 Tue, 02/07/2012 - 13:12
User Badges:

Thank you for your fast reply alain.


Just to get this correct so I understand, all we have done here is effectively called fa0/0 outside and 0/1 inside.


A new access list has been created for the network 10.0.0.0


We have then told the router that if any traffic from the inside interface in list 1 matches 10.0.0.0 to send it to the outside interface 0/0

cadet alain Tue, 02/07/2012 - 14:06
User Badges:
  • Purple, 4500 points or more

Hi,

any source address matching access-list 1 entering the inside interface will get translated to the IP address of the outside interface along with a port number so this is called NAT overload( many to one). So from the outside the source IP is the outside IP.


Regards.


Alain

Actions

This Discussion

Related Content