Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 804 NAT Problem

Hello,

I'm hoping someone can help me on this. I have installed a CISCO 804 ISDN Router at my mother's home. The IP address of the router on the internal network is 192.168.1.1. There are two workstations, 192.168.1.2 and 192.168.1.3. I setup the router using the ConfigMaker utility because my grasp of IOS is not that great. This generates an IOS command script that works great for general Internet browsing and e-mail. The router get's the public IP address and the workstations NAT out to the Internet just fine. BUT, I want to be able to activate my mother's ViaVideo VideoPhone so we can use that to communicate. Here are the NAT commands that worked before:

ip nat inside source static tcp 192.168.1.3 3235 207.65.178.0 3235

ip nat inside source static tcp 192.168.1.3 3234 207.65.178.0 3234

ip nat inside source static tcp 192.168.1.3 3233 207.65.178.0 3233

ip nat inside source static tcp 192.168.1.3 3232 207.65.178.0 3232

ip nat inside source static tcp 192.168.1.3 3231 207.65.178.0 3231

ip nat inside source static tcp 192.168.1.3 3230 207.65.178.0 3230

ip nat inside source static udp 192.168.1.3 3235 207.65.178.0 3235

ip nat inside source static udp 192.168.1.3 3234 207.65.178.0 3234

ip nat inside source static udp 192.168.1.3 3233 207.65.178.0 3233

ip nat inside source static udp 192.168.1.3 3232 207.65.178.0 3232

ip nat inside source static udp 192.168.1.3 3231 207.65.178.0 3231

ip nat inside source static udp 192.168.1.3 3230 207.65.178.0 3230

ip nat inside source static tcp 192.168.1.3 3603 207.65.178.0 3603

ip nat inside source static tcp 192.168.1.3 1503 207.65.178.0 1503

ip nat inside source static tcp 192.168.1.3 1720 207.65.178.0 1720

ip nat inside source static tcp 192.168.1.3 5900 207.65.178.0 5900

ip nat outside source static tcp 207.65.178.0 3235 192.168.1.3 3235

ip nat outside source static tcp 207.65.178.0 3234 192.168.1.3 3234

ip nat outside source static tcp 207.65.178.0 3233 192.168.1.3 3233

ip nat outside source static tcp 207.65.178.0 3232 192.168.1.3 3232

ip nat outside source static tcp 207.65.178.0 3231 192.168.1.3 3231

ip nat outside source static tcp 207.65.178.0 3230 192.168.1.3 3230

ip nat outside source static udp 207.65.178.0 3235 192.168.1.3 3235

ip nat outside source static udp 207.65.178.0 3234 192.168.1.3 3234

ip nat outside source static udp 207.65.178.0 3233 192.168.1.3 3233

ip nat outside source static udp 207.65.178.0 3232 192.168.1.3 3232

ip nat outside source static udp 207.65.178.0 3231 192.168.1.3 3231

ip nat outside source static udp 207.65.178.0 3230 192.168.1.3 3230

ip nat outside source static tcp 207.65.178.0 3603 192.168.1.3 3603

ip nat outside source static tcp 207.65.178.0 1503 192.168.1.3 1503

ip nat outside source static tcp 207.65.178.0 1720 192.168.1.3 1720

(Note: I've replaced the last digit in the public IP address to .0 in all cases here for security.)

When I put this into the router, Internet access is disabled on the workstations and the ViaVideo does not work. Here is the IOS script that is generated by ConfigMaker (passwords and usernames converted to ****:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname ****

!

enable password *****

!

!

dial-peer voice 1 pots

no call-waiting

ring 0

port 1

destination-pattern ****

!

dial-peer voice 2 pots

call-waiting

ring 0

port 2

destination-pattern ****

!

pots country US

ip subnet-zero

!

no ip domain-lookup

isdn switch-type basic-ni

!

!

!

interface Ethernet0

description connected to EthernetLAN

ip address 192.168.1.1 255.255.255.0

no ip directed-broadcast

ip nat inside

!

interface BRI0

description connected to Internet

no ip address

no ip directed-broadcast

ip nat outside

encapsulation ppp

dialer rotary-group 1

isdn switch-type basic-ni

isdn spid1 ***

isdn spid2 ***

isdn voice-priority *** out always

isdn voice-priority *** in always

isdn voice-priority *** out always

isdn voice-priority *** in off

isdn incoming-voice modem

no cdp enable

!

interface Dialer1

description connected to Internet

ip address 207.65.178.0 255.255.255.0

no ip directed-broadcast

ip nat outside

encapsulation ppp

no ip split-horizon

dialer in-band

dialer idle-timeout 300

dialer string ****

dialer hold-queue 10

dialer load-threshold 1 outbound

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname *****

ppp chap password ****

ppp pap sent-username **** password ****

ppp multilink

!

router rip

version 2

passive-interface Dialer1

network 192.168.1.0

no auto-summary

!

ip nat inside source list 1 interface Dialer1 overload

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

!

access-list 1 permit 192.168.1.0 0.0.0.255

dialer-list 1 protocol ip permit

snmp-server location ****

snmp-server contact ****

!

line con 0

exec-timeout 0 0

password ****

login

transport input none

stopbits 1

line vty 0 4

password ****

login

!

end

Can anyone tell me what I need to change/add in my special NAT section to make this work? Any help would be GREATLY appreciated!

1 REPLY

Re: Cisco 804 NAT Problem

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

81
Views
0
Helpful
1
Replies