I have a cisco 2620 with one ethernet e0. I have a public address 65.217.x.x assigned to it and a private secondary address of 192.168.47.1. I need to use NAT on the inside private LAN for client pc's to access the internet.
I have do so far:
interface ethernet 0
ip address 192.168.47.1 255.255.255.0 secondary
ip nat inside
interface serial 0
ip address 65.217.x.x 255.255.255.248
ip nat outside
ip nat pool no-overload 65.217.x.x-65.217.x.x prefix 24
ip nat inside source list 7 pool no-overload
access-list 7 permit 192.168.0.0 0.0.0.255
Clients assigned private 192.168.47.x not accessing internet.
Check your mask on the access-list.
Should probably read:
access-list 7 permit 192.168.47.1 0.0.0.255
access-list 7 permit 192.168.0.0 0.0.255.255
Is this your entire config? I thought it was just trimmed down.
You need to have a statement like:
ip route 0.0.0.0 0.0.0.0 serial0
Are you using Frame, PPP, or HDLC on your serial connection? Its an odd mask for anything but frame.
Can you ping from the router to the internet?
Frame just for internet access
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
C 192.168.47.0/24 is directly connected, FastE
220.127.116.11/29 is subnetted, 1 subnets
C 18.104.22.168 is directly connected, Fast
S* 0.0.0.0/0 is directly connected, Serial0/0.1
One thing I noticed is when I show ip interface I do not see access-list 7 defined anywhere.
Why are you using the public address on the ethernet interface? It should be private address.
There isn't enough information in the config to help much more. I would guess that the problem lies with your NAT pool. Are ALL of the IPs in the range unused (except for NAT)? Are you POSITIVE that your ISP is forwarding the entire range to you?
You can try to:
disable NAT and use one of the NAT IP addresses on your ethernet interface.
Ping that interface from the Net.
Use PAT (overload on serial0.1)
Verify that the IP range you're using isn't the same as your serial interface's.
One of these should work... If you can't even use PAT, you have a more basic problem.
It seems to be working now. Although the web pages are not coming up real fast. Downloading a file is great.
I have the nat pool set to one address should I change that to muliple addresses?
Also, how do I update the router to save the config.
It seems like it loses it when the power is shut off to the router.
Yes. Unless you're using the "overload" statement on NAT, you need more than one IP address in your pool. Preferabley for as many inside users as will access the network. If you only have one, it will work for the first person, then fail for everyone else until it times out.
To save your config, use one of the following commands (they all do the same thing):
copy running_config startup_config
copy run start