02-07-2012 12:49 PM - edited 03-07-2019 04:47 AM
Afternoon Everyone,
Appologies for such a basic question but i'm just getting started with cisco kit so you will have to bare with me.
I have a cisco 1841,
Fa0/0 has the ip of 192.168.5.20
Fa0/1 has the ip of 10.0.0.1
Fa0/0 goes off to the Default gateway of 192.168.5.254
Fa0/1 goes off to a switch where I have a test machine connected (Ip 10.0.0.5).
From the router I can ping 8.8.8.8 for example and it's fine.
From the test computer I am unable to.
I added the "ip route 0.0.0.0 0.0.0.0 192.168.5.254" which then allow the router to ping 8.8.8.8
I realise I am probably making a very basic mistake but would appriciate some points or hints as to where I am going wrong.
Below is the config:
Password:
R1#show run
Building configuration...
Current configuration : 847 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$wssO$VhBou3PyVzg.IbEz4.4xv/
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
no ip domain lookup
!
!
!
!
interface FastEthernet0/0
ip address 192.168.5.20 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.5.254
!
no ip http server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password test
logging synchronous
login
line vty 5 15
password test
logging synchronous
login
!
end
If anyone could help that would be greatly appriciated.
Am I right in thinking I would have to create some sort of NAT rule from the inside to outside. or am I going down the wrong path here
Solved! Go to Solution.
02-07-2012 12:55 PM
Hi,
yes you're right, just do NAT and it shall work:
access-list 1 permit 10.0.0.0 0.0.0.255
ip nat inside source list 1 interface f0/0
int f0/0
ip nat outside
int f0/1
ip nat inside
Regards.
Alain.
02-07-2012 12:55 PM
Hi,
yes you're right, just do NAT and it shall work:
access-list 1 permit 10.0.0.0 0.0.0.255
ip nat inside source list 1 interface f0/0
int f0/0
ip nat outside
int f0/1
ip nat inside
Regards.
Alain.
02-07-2012 01:12 PM
Thank you for your fast reply alain.
Just to get this correct so I understand, all we have done here is effectively called fa0/0 outside and 0/1 inside.
A new access list has been created for the network 10.0.0.0
We have then told the router that if any traffic from the inside interface in list 1 matches 10.0.0.0 to send it to the outside interface 0/0
02-07-2012 02:06 PM
Hi,
any source address matching access-list 1 entering the inside interface will get translated to the IP address of the outside interface along with a port number so this is called NAT overload( many to one). So from the outside the source IP is the outside IP.
Regards.
Alain
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide