Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Can anyone check this for me, nat overload, static and default routes, dhcp

VA has DHCP on fa0/0 and will have last good address for the gateway and will reserve 20 IP's for admin devices.
VA fa0/1 will be using static IP addressing and will be using the last good address as the default gateway address.
Serial links will use the 50.75.120.0/30 network on all serials.
Default route set to main via VAs next hop.
VA will be using NAT overload to Main via local interface.
VA
Fa0/0= 172.16.81.254
Fa0/1=172.16.82.126
S0/0/0=50.75.120.130

Main s0/0/1= 50.75.120.129 with a clock rate of 128kbps



Building configuration...

Current configuration : 1376 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname VA
!
!
!
enable secret 5 $1$mERr$3nisV1NYMTmTN5PhTMBC2/
enable password insurance
!
!
ip dhcp excluded-address 172.16.81.235 172.16.81.254
!
ip dhcp pool VA-dhcp
network 172.16.80.0 255.255.254.0
default-router 172.16.81.254
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
ip address 172.16.81.254 255.255.254.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.82.126 255.255.255.128
ip nat inside
duplex auto
speed auto
!
interface Serial0/0/0
ip address 50.75.100.130 255.255.255.252
ip nat outside
!
interface Serial0/0/1
no ip address
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip nat inside source list 1 interface Serial0/0/0 overload
ip nat inside source list 2 interface Serial0/0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/1
ip route 50.74.100.128 255.255.255.252 50.74.100.130
!
!
access-list 1 permit 172.16.0.0 0.0.255.255
access-list 2 permit 172.16.0.0 0.0.255.255
!
banner motd ^C
Restricted access to all unauthorized users, proceed at your will. Unauthorized users will be prosecuted to the extend of the law. ^C
!
!
!
!
line con 0
password shots
login
!
line aux 0
!
line vty 0 4
password xrays
login
!
!
!
end


VA(config)#

A network beginner, thank you in advance :))



Sent from Cisco Technical Support iPhone App

4 REPLIES
Green

Can anyone check this for me, nat overload, static and default r

Reyna,

I can see a couple of issues

Your static routes:-

!
ip route 0.0.0.0 0.0.0.0 Serial0/0/1
ip route 50.74.100.128 255.255.255.252 50.74.100.130
!

Ser 0/0/1 is shut and has no ip addressing.
The route to 50.74.100.128 has no way to reach the next hop 50.74.100.130

Your NAT translations are both the same therfore only one is effective.


Just tidy up a little:-


The only static route you need is a default route:-

!
ip route 0.0.0.0 0.0.0.0 50.75.100.129
!

The NAT only requires one list and trans pointing out the outside interface

!
ip nat inside source list 1 interface Serial0/0/1 overload
!
access-list 1 permit 172.16.0.0 0.0.255.255
!

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.
Community Member

Re: Can anyone check this for me, nat overload, static and defau

Omg! This was a test, which I was pretty sure about. Thought I'd get feedback from it since we don't get our grades back till Wed, I wanted to know how I did more or less. Now I feel so dumb for not turning on the serials and fas! :(. How could I forget :&. Thank you for your response. So, if they were on, would the nat and static be completely wrong?

Sent from Cisco Technical Support iPhone App

Green

Can anyone check this for me, nat overload, static and default r

Reyna,

Stick with it.

Your DHCP config and inside/outside interfaces are spot on

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.
Community Member

Re: Can anyone check this for me, nat overload, static and defau

Oh and S0/0/1 was on the main router. The only one I had to program was VA s0/0/0...

Sent from Cisco Technical Support iPhone App

174
Views
10
Helpful
4
Replies
CreatePlease to create content