Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

2811 router NAT/Routing issue ( Urgent)

Hello All,

Can you please look at my configuration and suggest your ideas.

My Current network details:-

Br_router- HQ router- Etisalat ISPCloud for internet

- Branch ofc router and HQ are connected with a Leased line .

-From HQ router Internet link is connected from ISP on a Fast ethernet port.

-Between Branch office and HQ Eigrp 1 is configured and able to ping till HQ.

-From HQ default route is configured towards ISP ip address to access internet from router.

-After this HQ router is able to ping Outside WWW world.

*- To allow Branch office also to access the same HQ internet i have configured PAT with access-list allowing Branch ofc network on HQ router , but still i can not able to access/ping internet.

Configuration:-

HQ router:-

Interface ser 0/3/1 (leasedline ->Branch)

ip address 172.30.1.10 255.255.255.0

no shut

interface fa 0/1 ( ISP connection)

ip add 194.170.133.126 255.255.255.252

no shut

Router Eigrp 1

network 172.30.0.0 0.0.255.255

no auto-summary

-ip route 0.0.0.0 0.0.0.0 194.170.133.125

(default route for ISP link)

-ip nat pool INTERNET 94.56.64.120 94.56.64.127 netmask 255.255.255.248

-ip nat inside source list 1 pool INTERNET overload

access-list 1 permit 172.30.0.0 0.0.255.255

access-list 1 permit 192.168.20.0 0.0.0.255

BR office router:-

Interface serial0

ip add 172.30.1.20 255.255.255.0

no shut

router eigrp 1

redistribute connected

network 172.30.1.0

no auto-summary

After configuring above configuration i am not able to ping 194.170.133.125 ip address which is the ISP end ip from Branch office router and not able

to ping www world.

at Branch off router , my trace is not crossing beyond 172.30.1.10.

at the other end at HQ router i am able to ping 194.170.133.125 and ping www world .

Thanks for all your support.

2 ACCEPTED SOLUTIONS

Accepted Solutions
New Member

Re: 2811 router NAT/Routing issue ( Urgent)

As Jon stated, put:

"ip nat inside" under your serial connection to Br

If this still fails, then make sure.

1. 94.56.64.120 - 94.56.64.127 is the correct range of public IPs you are allocated.

2. HQ has a route for the 192.168.x.x segment.

Hall of Fame Super Blue

Re: 2811 router NAT/Routing issue ( Urgent)

Mirza

The branch router needs a default route for internet destinations.

As Kevin suggests easiest thing is to add this to your config on HQ router

router eigrp 1

redistribute static

that way the default route configured on the HQ router will be passed to the branch router.

Where are we this, is it still not working ? If not can you add the above and also ensure you have added "ip nat inside" to the serial interface on HQ router and then retest and let us know.

Jon

11 REPLIES
Hall of Fame Super Blue

Re: 2811 router NAT/Routing issue ( Urgent)

Mirza

I'm assuming you have been allocated the 94.56.64.x addresses you have used in your NAT pool ?

Under your interfaces on the HQ router have you configured "ip nat inside" and "ip nat outside" ie.

HQ router

int s0/3/1

ip nat inside

int fa0/1

ip nat outside

Jon

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

Hello John,

Thanks for your reply!

I have configured "Ip Nat outside on fa 0/1 port on HQ router, but did not configure "IP nat inside on se 0/3/1 interface.

Do we need this to be configured?

Also do we need IP NAT inside/outside on Branch router Ser 0 interface ?

Please explain incase if it requires.

Thanks,

Mirza.

Hall of Fame Super Blue

Re: 2811 router NAT/Routing issue ( Urgent)

Mirza

"I have configured "Ip Nat outside on fa 0/1 port on HQ router, but did not configure "IP nat inside on se 0/3/1 interface.

Do we need this to be configured?"

Yes you do.

"Also do we need IP NAT inside/outside on Branch router Ser 0 interface ?"

No you don't.

Jon

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

Hi,

Add default route on branch router towards HQ.

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

Hello Surya,

I tried putting default routes at Branch router several times , but internet didn't work.

Following default routes i tried one by one and checked -

ip route 0.0.0.0 0.0.0.0 194.170.133.125

ip route 0.0.0.0 0.0.0.0 194.170.133.126

ip route 0.0.0.0 0.0.0.0 172.30.1.10

after all this my trace was reaching 194.170.133.126 ip....which is our end ISP IP while giving trace as

Traceroute 194.170.133.125.

I dont think its a default route issue, may be something to do with NAT ...

Thanks,

Mirza.

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

Mirza

I don't know if you kept this line in

ip route 0.0.0.0 0.0.0.0 172.30.1.10

but you DO need it, or at least stick a redistribute static on the HQ router.

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

Hello,

I have configured Eigrp between HQ and Branch locations ,so can you plz explain why we need a static route at Branch router.

Thanks,

Mirza.

Hall of Fame Super Blue

Re: 2811 router NAT/Routing issue ( Urgent)

Mirza

The branch router needs a default route for internet destinations.

As Kevin suggests easiest thing is to add this to your config on HQ router

router eigrp 1

redistribute static

that way the default route configured on the HQ router will be passed to the branch router.

Where are we this, is it still not working ? If not can you add the above and also ensure you have added "ip nat inside" to the serial interface on HQ router and then retest and let us know.

Jon

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

As Jon stated, put:

"ip nat inside" under your serial connection to Br

If this still fails, then make sure.

1. 94.56.64.120 - 94.56.64.127 is the correct range of public IPs you are allocated.

2. HQ has a route for the 192.168.x.x segment.

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

Hello,

After giving IP NAT inside at HQ router ,still Branch router is not able to ping HQ ISP end IP .

NAT Pool is correctly configured, as i re-confirmed.

Do we need IP NAT inside on Branch router also?

Thanks,

Mirza.

New Member

Re: 2811 router NAT/Routing issue ( Urgent)

All,

Issue has been resolved after giving the same IP NAT inside on HQ router .

My sincere thanks for all of your great and prompt response :).

Thanks,

Mirza.

188
Views
5
Helpful
11
Replies
CreatePlease to create content