06-13-2002 04:13 PM - edited 03-01-2019 10:10 PM
The modem dialin user want to access the company exchange server. Currently the dialin modem got assigned an ip address from cisco access server, but I am try to make the NAT and rout part work. Anybody has a sample?
Thanks
06-13-2002 08:19 PM
Pl. explain little more about what kind of ip address assigned to the dialin users..Privet or public..What is the ip address of Exchange server? Is it email server? Thanks..Tejal
06-13-2002 09:11 PM
Hi, Tejal, thanks for reply.
I just find out that the remote user can't even ping. Here is the info.
The remote user has an assigned address
10.1.2.12/255.0.0.0
the loopback0 interface has address 10.1.2.1/255.255.255.0
The box has fastethernet0 w/ ip = 192.76.69.20
route is 0.0.0.0 0.0.0.0 192.76.69.254.
The user can't ping 192.76.69.83 (which I now is in the network)
============
Here is the running config, only serial0 has pri line, fastethernet0 is the only ethernet connection, I also do some PAT between remote user and company network, as you will see.
modemgw# show run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname modemgw
!
boot system flash c5300-is-mz_120-3_T1.bin
aaa new-model
aaa authentication login default local
aaa authentication ppp default if-needed local
enable password 7 011D0F095F0A
!
username minchumo password 7 11081B06464058
modem country mica usa
ip subnet-zero
ip host-routing
no ip finger
ip domain-name abc.def.com
!
async-bootp dns-server 192.76.64.227 143.91.100.213
isdn switch-type primary-5ess
!
!
controller T1 0
framing esf
clock source line primary
linecode b8zs
pri-group timeslots 1-24
!
controller T1 1
framing esf
clock source line secondary 1
linecode b8zs
pri-group timeslots 1-24
!
controller T1 2
framing esf
linecode b8zs
pri-group timeslots 1-24
!
controller T1 3
framing esf
linecode b8zs
pri-group timeslots 1-24
!
!
!
interface Loopback0
ip address 10.1.2.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
interface Ethernet0
no ip address
no ip directed-broadcast
no ip mroute-cache
shutdown
!
interface Serial0:23
no ip address
no ip directed-broadcast
encapsulation ppp
isdn switch-type primary-5ess
isdn incoming-voice modem
!
interface Serial1:23
no ip address
no ip directed-broadcast
encapsulation ppp
isdn switch-type primary-5ess
isdn incoming-voice modem
no fair-queue
no cdp enable
ppp authentication chap pap
ppp multilink
!
interface Serial2:23
no ip address
no ip directed-broadcast
encapsulation ppp
isdn switch-type primary-5ess
isdn incoming-voice modem
no fair-queue
no cdp enable
ppp authentication chap pap
ppp multilink
!
interface Serial3:23
no ip address
no ip directed-broadcast
encapsulation ppp
isdn switch-type primary-5ess
isdn incoming-voice modem
no fair-queue
no cdp enable
ppp authentication chap pap
ppp multilink
!
interface FastEthernet0
ip address 192.76.69.20 255.255.255.0
no ip directed-broadcast
ip nat outside
duplex full
speed auto
!
interface Group-Async1
ip unnumbered Loopback0
no ip directed-broadcast
encapsulation ppp
async mode interactive
peer default ip address pool dialin_pool
no cdp enable
group-range 1 48
hold-queue 10 in
!
ip local pool dialin_pool 10.1.2.2 10.1.2.49
ip nat inside source list 1 interface FastEthernet0 overload
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.76.69.254
!
access-list 1 permit any
!
line con 0
transport input none
line 1
autoselect during-login
autoselect ppp
modem InOut
transport input all
line 2 48
autoselect during-login
autoselect ppp
modem InOut
modem busyout
transport input all
line aux 0
line vty 0 4
timeout login response 180
password 7 030A5206020E
!
end
06-14-2002 08:29 AM
Start without NAT first and see if you can atleast ping the ip add of loopback interface after dialin...After that configure NAT..
Now From the router itself, First ping ip address 192.76.69.83 with the source ip add of loopback interface and see the results..That has to be successful first..
Now looks to me that dialin users are getting the privet ip address so you need to have the "ip nat inside" under the interface group-async 1..Also no need to have that under the loopback interface...Tejal
06-14-2002 11:22 AM
In that case, do I need a ip address for interface group-async 1
06-14-2002 02:58 PM
No...You can use ip from loopback using "ip unnumbered Loopback0" under the group-async interface...Tejal
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide