cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
274
Views
0
Helpful
3
Replies

NAT problem

dmalamba
Level 1
Level 1

I have a leased line which i am using to connect to the internet using the NAT protocol. i have a pool of three real ip addresses given by my ISP of which two have been given to specific PCs(2 PCs ).

The third has been overloaded for the rest of the PCs. To my surprise only the two PCs are the ones able to browse the internet.

The following is the nat configguration:

=======================================================================

Cisco_2611_IT#sh conf

Using 3022 out of 29688 bytes

!

version 12.0

service config

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname Cisco_2611_IT

!

ip subnet-zero

ip host salima 192.168.112.99

ip host Limbe 192.168.10.26

ip host BlantyrePayPoint 192.168.10.1

ip host MaselemaPayPoint 192.168.10.5

ip host LimbePayPoint 192.168.10.25

ip host Blantyre 192.168.10.2

ip host Zomba 192.168.10.22

ip host Mzuzu 192.168.30.30

ip host mangochi 192.168.30.22

ip host LilongweOldTown 192.168.10.14

ip host LilongweCityCentre 192.168.10.18

ip host Maselema 192.168.10.6

!

!

!

interface Ethernet0/0

ip address 192.168.100.207 255.255.255.0

no ip directed-broadcast

ip nat inside

!

interface Serial0/0

description Connecting MTL Head Office(Maselema)

bandwidth 64

ip address 192.168.30.6 255.255.255.252

ip directed-broadcast

ip nat inside

no ip mroute-cache

!

interface Ethernet0/1

ip address 192.168.240.1 255.255.255.0

no ip directed-broadcast

ip nat inside

bridge-group 1

!

interface Serial0/1

description Connecting Salima Customer Care Centre

ip address 192.168.30.9 255.255.255.252

no ip directed-broadcast

ip nat inside

no cdp enable

!

interface Serial1/0

description Connecting Ntcheu CCC

ip address 192.168.40.6 255.255.255.0

no ip directed-broadcast

ip nat inside

no cdp enable

!

interface Serial1/1

description Connecting M-Streams

ip address 192.168.10.16 255.255.255.0

no ip directed-broadcast

ip nat inside

no cdp enable

!

interface Serial1/2

description Connecting Leland Internet Gateway

ip address 10.10.10.2 255.0.0.0

no ip directed-broadcast

ip nat outside

no cdp enable

!

interface Serial1/3

description Connecting Ngabu CCC

ip address 192.168.40.11 255.255.255.0

no ip directed-broadcast

ip nat inside

no cdp enable

!

router rip

version 2

no validate-update-source

redistribute connected

network 10.0.0.0

network 62.0.0.0

network 128.1.0.0

network 192.168.10.0

network 192.168.30.0

network 192.168.40.0

network 192.168.100.0

network 192.168.116.0

network 192.168.240.0

neighbor 10.10.10.1

!

ip nat pool Internet_Access 62.192.143.x 62.192.143.x netmask 255.255.255.252

ip nat inside source list 7 pool Internet_access overload

ip nat inside source static 192.168.100.8 62.192.143.x

ip nat inside source static 192.168.100.10 62.192.143.x

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.10.1

!

access-list 7 permit 192.168.100.0 0.0.0.255

dialer-list 1 protocol ip permit

dialer-list 1 protocol ipx permit

snmp-server community public RO

bridge 1 protocol dec

banner motd ^C

!

line con 0

exec-timeout 0 0

logging synchronous

transport input none

line aux 0

line vty 0 4

password xxxx

login

!

no scheduler allocate

end

=======================================================================

In other words both the source static configuration are workink ok.

I tried to swap the ip addresses but still couldnt work

What could be the problem?

3 Replies 3

deilert
Level 6
Level 6

in your statement

ip nat pool Internet_Access 62.192.143.x 62.192.143.x netmask 255.255.255.252

I beleive you are only allowing 4 ip addresses it is hard to tell since you have the last octet missing , I think you need to tweak the netmask

' show ip nat translation '

would also be of use and show you what is going on in the NAT table

manish-young
Level 1
Level 1

Hi there,

I think you have to creat two nat ip pools, first for static mapping for host and another for internet browsing and then add the second nat ip pool to nat overload statment.

it may work

With regards

Manish Young

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco