Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Several gateways

I have a cisco 2651 with 3 ethernet interfaces.

1 is for Lan ( 192.168.3.x)

1 is for default gateway 0.0.0.0 192.168.1.1 (fiber connection)

1 is for a static route to 213.162.23.24 192.168.4.1 (DSL connection )

The problem is that when the lan users in the range 192.168.3.x try to access to the IP 213.162.23.24 they can't, a ping from the router to 213.162.23.24 going by 192.168.4.1 gateway is possible. But from the users is not.

This is the config:

interface FastEthernet0/0

ip address 192.168.3.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 192.168.4.2 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Ethernet1/0

ip address 192.168.1.249 255.255.255.0

ip nat outside

ip virtual-reassembly

half-duplex

!

ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip route 213.162.201.146 255.255.255.255 192.168.4.1

!

!

ip nat inside source list 1 interface Ethernet1/0 overload

access-list 1 permit 192.168.3.0 0.0.0.255

Where is the problem?

Thanks

7 REPLIES

Re: Several gateways

Hi,

There are few points that i would like to mention here.

1) There is no static route for 213.162.23.24 exists in your configuration.

2) In the NAT configuration, you are overloading it through ethernet1/0 ?

This will work only for traffic exiting via ethernet1/0 interface

Where is the nat configuration for traffic exiting via fastethernet0/1 ( 192.168.4.2) ?

Probably you are missing the nat configuration for traffic exiting via this interface..

Revert back with further details.

-VJ

New Member

Re: Several gateways

1) First, the static route is wrong but now is fixed.

2) I have natted the traffic over FastEthernet0/1 192.168.4.2 and the problem persists.

I cannot do ping from the clients in 192.168.3.0 to the IP address 213.162.201.146

This is the config now:

interface FastEthernet0/0

ip address 192.168.3.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 192.168.4.2 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Ethernet1/0

ip address 192.168.1.249 255.255.255.0

ip nat outside

ip virtual-reassembly

half-duplex

!

ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip route 213.162.201.146 255.255.255.255 192.168.4.1

!

ip nat inside source list 1 interface Ethernet1/0 overload

ip nat inside source list 10 interface FastEthernet0/1 overload

ip nat inside source static tcp 192.168.3.148 3389 192.168.1.249 3389 extendable

!

access-list 1 permit 192.168.3.0 0.0.0.255

access-list 10 permit 192.168.3.0 0.0.0.255

Where is the mistake

regards

Re: Several gateways

Hi,

Thanks for reverting back.

Have you performed a "clear ip nat translations" after doing the configuration change.

Does the ping from router to 213.162.201.146 works now.

If possible capture the output of "show ip nat translations" and examine the translation table for proper natting.

Also if possible you can do debug on nat translation by issuing "debug ip nat" to examine the nat translations happening on the fly.

-VJ

New Member

Re: Several gateways

Yes the ping from the router runs correctly, but from the clients in the range 192.168.3.0 doesn't.

I suposse I have to add an access list to permit the access from the 192.168.3.0 213.162.201.146

Can you help me?

Re: Several gateways

Hi,

You already have the access-list 10 which is doing the source nat for that segment.

Kindly let me know whether you have done the following as stated in earlier post.

1) Have you performed a "clear ip nat translations" after doing the configuration change.

2) If possible capture the output of "show ip nat translations" and examine the translation table for proper natting.

3) Also if possible you can do debug on nat translation by issuing "debug ip nat" to examine the nat translations happening on the fly.

-VJ

New Member

Re: Several gateways

Yes I have performed that commands and the problem continues.

I want to nat the network from 192.168.3.0/24 to 213.162.201.146

Re: Several gateways

Hi,

If you have the output of below mentioned captures(requested in my earlier post), please provide the same.

-----------------

2) If possible capture the output of "show ip nat translations" and examine the translation table for proper natting.

3) Also if possible you can do debug on nat translation by issuing "debug ip nat" to examine the nat translations happening on the fly.

-VJ

270
Views
5
Helpful
7
Replies
CreatePlease login to create content