03-06-2003 11:41 AM - edited 03-02-2019 05:39 AM
I have recently started my CISCO education and have obtained 2 2500 series routers. This may seem like a simple question,but I have to ask it. I am trying to configure nat on a 2514 router running IOS 12.2. My ISP has assigned me a static IP of 68.101.42.142 with a subnet of 255.255.255.192 with a default gateway of 68.101.42.129. My ISP insisted that I only have one machine hooked up to this address. I would like to NAT the address so I can use my webserver and a few machines for a better learning enviriment. I would also like to use my 1900 series enterprise switch to connect them all together. I have tried to solve this myself with using sample configurations with the addresses to fit my network ,but nothing seemed to work. Any help would be greatly appriciated. Thankyou!
03-06-2003 12:58 PM
what results are you getting when you try to configure NAT ?
can you post your configs here ?
03-12-2003 05:05 AM
--begin ciscomoderator note-- The following post has been edited to remove potentially confidential information. Further, the original post was larger than current size restrictions so the 2nd part of the post has been edited and pasted into a new message by ciscomoderator below. Please refrain from posting confidential information on the site to reduce security risks to your network. -- end ciscomoderator note --
Here is the config from my router. I am not sure what I am doing wrong. It must be something simple. Thanks for the help!
--moderator edit-- Router1#
1w0d: %SYS-5-CONFIG_I: Configured from console by console
--moderator edit-- Router1#sh run
Building configuration...
Current configuration : 989 bytes
!
version 12.2
service config
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname --moderator edit-- Router1
!
enable secret 5 --moderator edit--
enable password --moderator edit--
!
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
!
!
interface Ethernet0
description to isp
ip address --moderator edit-- 192.168.99.142 255.255.255.192
ip nat outside
!
interface Ethernet1
description to lan
ip address 10.1.1.254 255.255.255.0
ip nat inside
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
router eigrp 10
network 68.0.0.0
auto-summary
no eigrp log-neighbor-changes
!
ip nat pool net-130 --moderator edit-- 192.168.99.130 --moderator edit-- 192.168.99.190 netmask 255.255.255.192
ip nat inside source list 1 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 --moderator edit-- 192.168.99.129
ip http server
ip pim bidir-enable
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
line con 0
line aux 0
line vty 0 4
password --moderator edit--
login
!
end
--moderator edit-- Router1#sh ip nat stat
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
Ethernet0
Inside interfaces:
Ethernet1
Hits: 0 Misses: 0
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface Ethernet0 refcount 0
--moderator edit-- Router1#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
1900_switch Eth 1 141 T S 1900 AUI
--moderator edit-- Router1#telnet 1900_switch
Translating "1900_switch"...domain server (255.255.255.255)
% Unknown command or computer name, or unable to find computer address
--moderator edit-- Router1#ping --moderator edit-- 192.168.99.129
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to --moderator edit-- 192.168.99.129, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
--moderator edit-- Router1#traceroute --moderator edit-- 192.168.99.129
Type escape sequence to abort.
Tracing the route to --moderator edit-- 192.168.99.129
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
--moderator edit-- Router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
--moderator edit-- Router1(config)#no router eigrp 10
--moderator edit-- Router1(config)#^Z
--moderator edit-- Router1#
1w0d: %SYS-5-CONFIG_I: Configured from console by consolesh run
Building configuration...
Current configuration : 908 bytes
!
version 12.2
service config
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname --moderator edit-- Router1
!
enable secret 5 --moderator edit--
enable password --moderator edit--
!
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
!
!
interface Ethernet0
description to isp
ip address --moderator edit-- 192.168.99.142 255.255.255.192
ip nat outside
!
interface Ethernet1
description to lan
ip address 10.1.1.254 255.255.255.0
ip nat inside
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip nat pool net-130 --moderator edit-- 192.168.99.130 --moderator edit-- 192.168.99.190 netmask 255.255.255.192
ip nat inside source list 1 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 --moderator edit-- 192.168.99.129
ip http server
ip pim bidir-enable
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
line con 0
line aux 0
line vty 0 4
password --moderator edit--
login
!
end
--moderator edit-- Router1#sh ip stat
^
% Invalid input detected at '^' marker.
--moderator edit-- Router1#sh ip ?
access-lists List IP access lists
accounting The active IP accounting database
aliases IP alias table
arp IP ARP table
as-path-access-list List AS path access lists
bgp BGP information
cache IP fast-switching route cache
cef Cisco Express Forwarding
community-list List community-list
dhcp Show items in the DHCP database
drp Director response protocol
dvmrp DVMRP information
egp EGP connections and statistics
eigrp IP-EIGRP show commands
extcommunity-list List extended-community list
flow NetFlow switching
igmp IGMP information
inspect CBAC (Context Based Access Control) information
interface IP interface status and configuration
irdp ICMP Router Discovery Protocol
local IP local options
masks Masks associated with a network
mcache IP multicast fast-switching cache
mobile Mobile IP information
mpacket Display possible duplicate multicast packets
mrm IP Multicast Routing Monitor information
mroute IP multicast routing table
msdp Multicast Source Discovery Protool (MSDP)
mtag IP Multicast Tagswitching TIB
nat IP NAT information
nhrp NHRP information
ospf OSPF information
pim PIM information
policy Policy routing
port-map Port to Application Mapping (PAM) information
prefix-list List IP prefix lists
protocols IP routing protocol process parameters and statistics
redirects IP redirects
rip IP RIP show commands
route IP routing table
rpf Display RPF information for multicast source
rsvp RSVP information
rtp RTP/UDP/IP header-compression statistics
sap Session Announcement Protocol cache
sockets Open IP sockets
ssh Information on SSH
tcp TCP/IP header-compression statistics
traffic IP protocol statistics
trigger-authentication Trigger-authentication host table
vrf VPN Routing/Forwarding instance information
wccp WCCP information
03-26-2003 12:50 PM
--begin ciscomoderator note-- The following post has been edited to remove potentially confidential information. Please refrain from posting confidential information on the site to reduce security risks to your network. -- end ciscomoderator note --
--moderator edit-- Router1#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is --moderator edit-- 192.168.99.129 to network 0.0.0.0
68.0.0.0/26 is subnetted, 1 subnets
C --moderator edit-- 192.168.99.128 is directly connected, Ethernet0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Ethernet1
S* 0.0.0.0/0 [1/0] via --moderator edit-- 192.168.99.129
--moderator edit-- Router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
--moderator edit-- Router1(config)#no ip route 0.0.0.0 0.0.0.0 --moderator edit-- 192.168.99.129
--moderator edit-- Router1(config)#^Z
--moderator edit-- Router1#
1w0d: %SYS-5-CONFIG_I: Configured from console by console
--moderator edit-- Router1#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
68.0.0.0/26 is subnetted, 1 subnets
C --moderator edit-- 192.168.99.128 is directly connected, Ethernet0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Ethernet1
--moderator edit-- Router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
--moderator edit-- Router1(config)#ip route --moderator edit-- 192.168.99.129 255.255.255.0 --moderator edit-- 192.168.99.142
%Inconsistent address and mask
--moderator edit-- Router1(config)#ip route --moderator edit-- 192.168.99.129 0.0.0.0 --moderator edit-- 192.168.99.142
%Inconsistent address and mask
--moderator edit-- Router1(config)#ip route --moderator edit-- 192.168.99.129 255.255.255.192 --moderator edit-- 192.168.99.142
%Inconsistent address and mask
--moderator edit-- Router1(config)#ip route --moderator edit-- 192.168.99.129 255.0.0.0 --moderator edit-- 192.168.99.142
%Inconsistent address and mask
--moderator edit-- Router1(config)#ip route --moderator edit-- 192.168.99.129 0.0.0.0 --moderator edit-- 192.168.99.142
%Inconsistent address and mask
--moderator edit-- Router1(config)#ip route --moderator edit-- 192.168.99.129 255.255.255.255 --moderator edit-- 192.168.99.142
%Invalid next hop address (it's this router)
--moderator edit-- Router1(config)#ip route --moderator edit-- 192.168.99.0 255.255.255.255 --moderator edit-- 192.168.99.129
--moderator edit-- Router1(config)#^Z
--moderator edit-- Router1#
1w0d: %SYS-5-CONFIG_I: Configured from console by consolesh run
Building configuration...
Current configuration : 920 bytes
!
version 12.2
service config
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname --moderator edit-- Router1
!
enable secret 5 --moderator edit--
enable password --moderator edit--
!
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
!
!
interface Ethernet0
description to isp
ip address --moderator edit-- 192.168.99.142 255.255.255.192
ip nat outside
!
interface Ethernet1
description to lan
ip address 10.1.1.254 255.255.255.0
ip nat inside
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip nat pool net-130 --moderator edit-- 192.168.99.130 --moderator edit-- 192.168.99.190 netmask 255.255.255.192
ip nat inside source list 1 interface Ethernet0 overload
ip classless
ip route --moderator edit-- 192.168.99.0 255.255.255.255 --moderator edit-- 192.168.99.129
ip http server
ip pim bidir-enable
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
line con 0
line aux 0
line vty 0 4
password --moderator edit--
login
!
end
--moderator edit-- Router1#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
68.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
S --moderator edit-- 192.168.99.0/32 [1/0] via --moderator edit-- 192.168.99.129
C --moderator edit-- 192.168.99.128/26 is directly connected, Ethernet0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Ethernet1
--moderator edit-- Router1#sh ip nat stat
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
Ethernet0
Inside interfaces:
Ethernet1
Hits: 0 Misses: 0
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface Ethernet0 refcount 0
--moderator edit-- Router1#sh ip stat
^
% Invalid input detected at '^' marker.
--moderator edit-- Router1#sh ip protocols
--moderator edit-- Router1#
1w0d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet1, changed state t
o down
1w0d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet1, changed state t
o up
--moderator edit-- Router1#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
68.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
S --moderator edit-- 192.168.99.0/32 [1/0] via --moderator edit-- 192.168.99.129
C --moderator edit-- 192.168.99.128/26 is directly connected, Ethernet0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Ethernet1
--moderator edit-- Router1#exit
--moderator edit-- Router1 con0 is now available
Press RETURN to get started.
--moderator edit-- Router1>en
--moderator edit-- Router1#sh run
Building configuration...
Current configuration : 920 bytes
!
version 12.2
service config
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname --moderator edit-- Router1
!
enable secret 5 --moderator edit--
enable password --moderator edit--
!
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
!
!
interface Ethernet0
description to isp
ip address --moderator edit-- 192.168.99.142 255.255.255.192
ip nat outside
!
interface Ethernet1
description to lan
ip address 10.1.1.254 255.255.255.0
ip nat inside
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip nat pool net-130 --moderator edit-- 192.168.99.130 --moderator edit-- 192.168.99.190 netmask 255.255.255.192
ip nat inside source list 1 interface Ethernet0 overload
ip classless
ip route --moderator edit-- 192.168.99.0 255.255.255.255 --moderator edit-- 192.168.99.129
ip http server
ip pim bidir-enable
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
line con 0
line aux 0
line vty 0 4
password --moderator edit--
login
!
end
--moderator edit-- Router1#
03-06-2003 01:07 PM
Let your topology be like this.
ISP(68.101.42.129/26)
|
|
|
Your router (serial 0 ip - 68.101.42.142, ethernet 0 ip - 10.1.1.254)
|
|
cat 1900 switch
|
|
(lan with workstations with ip starting from 10.1.1.1 to 10.1.1.253)
On the router the following configs need to be put.
int e0
ip add 10.1.1.254 255.255.255.0
description To LAN
ip nat inside
no shut
int s0
ip add 68.101.42.142 255.255.255.192
ip nat outside
description To ISP
no shut
ip nat inside source list 1 interface serial 0 overload
access-list 1 permit 10.1.1.0 0.0.0.255
Test your connectivity from your router to ISP. (Ping the ISP next-hop)
Test your connectivity from a PC to ISP next-hop. (Ping the ISP next-hop from PC)
Give a show ip nat translation on the router, and see if NAT translations are taking place.
Hope that helps!
03-06-2003 08:04 PM
I really appreciate the help! I will try this and post how it turns out. Once again Thanks for the input from anybody who posted. Tracy.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide