Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Internet traffic

Hi

I have a cisco 2600 and I want to connect to the internet.

I have configured the 2 ethenet int

Eth 0/1 10.0.0.1 inside

Eth 0/0 172.16.0.194 outside

Default gateway is 172.16.0.212(internet gateway)

I can ping the DNS servers ok 172.16.0.222, from the router.

I can't get to the internet.

I have set up nat

ip nat inside source static local-ip global-ip

Access-lists allow every thing

Is there something I'm missing.

I think the nat is a problem because i can't ping accross the router but can ping 10.0.0.1

Thanks in advance for any help.

1 ACCEPTED SOLUTION

Accepted Solutions
Purple

Re: Internet traffic

Does your config look like the following ?

int eth0/1

ip nat inside

ip address 10.0.0.1 255.255.255.0 ! your mask may be different

!

int eth0/0

ip nat outside

ip address 172.16.0.194 255.255.255.224 ! your mask may be different

!

ip route 0.0.0.0 0.0.0.0 172.16.0.212

!

ip nat inside source list 10 interface eth0/0 overload

!

access-list 10 permit 10.0.0.0 0.0.0.255 ! your mask may be different

!

Cisco discourages the use of a 'permit any' access-list with NAT and it may not even work.

The above config assumes NAT overloading on the router's public IP address. If you want to do a static NAT on each internal address, you will need a unique public IP address for each internal address. What you can do, however, is to use a pool of public IP addresses that are shared between all your internal addresses. If you are going to do that, use the following:

ip nat pool PublicIPs

ip nat inside source list 10 pool PublicIPs overload

Hope that helps - pls rate the post if it does.

Regards,

Paresh.

2 REPLIES
Purple

Re: Internet traffic

Does your config look like the following ?

int eth0/1

ip nat inside

ip address 10.0.0.1 255.255.255.0 ! your mask may be different

!

int eth0/0

ip nat outside

ip address 172.16.0.194 255.255.255.224 ! your mask may be different

!

ip route 0.0.0.0 0.0.0.0 172.16.0.212

!

ip nat inside source list 10 interface eth0/0 overload

!

access-list 10 permit 10.0.0.0 0.0.0.255 ! your mask may be different

!

Cisco discourages the use of a 'permit any' access-list with NAT and it may not even work.

The above config assumes NAT overloading on the router's public IP address. If you want to do a static NAT on each internal address, you will need a unique public IP address for each internal address. What you can do, however, is to use a pool of public IP addresses that are shared between all your internal addresses. If you are going to do that, use the following:

ip nat pool PublicIPs

ip nat inside source list 10 pool PublicIPs overload

Hope that helps - pls rate the post if it does.

Regards,

Paresh.

New Member

Re: Internet traffic

Forgot to enter IP route all working a treat.

FYI..... This is not a live network.

Thank you for the reply that was fast!!

281
Views
0
Helpful
2
Replies