Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
205
Views
0
Helpful
2
Replies

NAT working slightly

dmalamba
Level 1
Level 1

‎03-19-2004 04:06 AM - edited ‎03-02-2019 02:24 PM

I have a leased line which i am using to connect to the internet using the NAT protocol. i have a pool of three real ip addresses given by my ISP of which two have been given to specific PCs(2 PCs ).

The third has been overloaded for the rest of the PCs. To my surprise only the two PCs are the ones able to browse the internet.

The following is the nat configguration:

=======================================================================

Cisco_2611_IT#sh conf

Using 3022 out of 29688 bytes

!

version 12.0

service config

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname Cisco_2611_IT

!

ip subnet-zero

ip host salima 192.168.112.99

ip host Limbe 192.168.10.26

ip host BlantyrePayPoint 192.168.10.1

ip host MaselemaPayPoint 192.168.10.5

ip host LimbePayPoint 192.168.10.25

ip host Blantyre 192.168.10.2

ip host Zomba 192.168.10.22

ip host Mzuzu 192.168.30.30

ip host mangochi 192.168.30.22

ip host LilongweOldTown 192.168.10.14

ip host LilongweCityCentre 192.168.10.18

ip host Maselema 192.168.10.6

!

!

!

interface Ethernet0/0

ip address 192.168.100.207 255.255.255.0

no ip directed-broadcast

ip nat inside

!

interface Serial0/0

description Connecting MTL Head Office(Maselema)

bandwidth 64

ip address 192.168.30.6 255.255.255.252

ip directed-broadcast

ip nat inside

no ip mroute-cache

!

interface Ethernet0/1

ip address 192.168.240.1 255.255.255.0

no ip directed-broadcast

ip nat inside

bridge-group 1

!

interface Serial0/1

description Connecting Salima Customer Care Centre

ip address 192.168.30.9 255.255.255.252

no ip directed-broadcast

ip nat inside

no cdp enable

!

interface Serial1/0

description Connecting Ntcheu CCC

ip address 192.168.40.6 255.255.255.0

no ip directed-broadcast

ip nat inside

no cdp enable

!

interface Serial1/1

description Connecting M-Streams

ip address 192.168.10.16 255.255.255.0

no ip directed-broadcast

ip nat inside

no cdp enable

!

interface Serial1/2

description Connecting Leland Internet Gateway

ip address 10.x.x.x.x.0.0

no ip directed-broadcast

ip nat outside

no cdp enable

!

interface Serial1/3

description Connecting Ngabu CCC

ip address 192.168.40.11 255.255.255.0

no ip directed-broadcast

ip nat inside

no cdp enable

!

router rip

version 2

no validate-update-source

redistribute connected

network x.x.x.x

network x.x.x.x

network x.x.x.x

network 192.168.10.0

network 192.168.30.0

network 192.168.40.0

network 192.168.100.0

network 192.168.116.0

network 192.168.240.0

neighbor 10.10.10.1

!

ip nat pool Internet_Access 62.x.x.x 62.192.143.x netmask 255.255.255.252

ip nat inside source list 7 pool Internet_access overload

ip nat inside source static 192.168.100.8 62.192.143.x

ip nat inside source static 192.168.100.10 62.192.143.x

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.10.1

!

access-list 7 permit 192.168.100.0 0.0.0.255

dialer-list 1 protocol ip permit

dialer-list 1 protocol ipx permit

snmp-server community public RO

bridge 1 protocol dec

banner motd ^C

!

line con 0

exec-timeout 0 0

logging synchronous

transport input none

line aux 0

line vty 0 4

password xxx

login

!

no scheduler allocate

end

=======================================================================

In other words both the source static configuration are workink ok.

I tried to swap the ip addresses but still couldnt work

What could be the problem?

Labels:
0 Helpful
2 Replies 2

Georg Pauwen
VIP
VIP

‎03-19-2004 04:20 AM

Hello,

if your ISP has given you the address space:

62.192.143.x netmask 255.255.255.252

you only have two usable addresses. If the x is a 0, you usable addresses would be 1 and 2. You have two addresses statically mapped, so there is no room for a third overloaded address. Try to take the static mappings out alltogether and make sure that the address in the overload statment is a usable address. Then, there is another problem:

your access list 7:

access-list 7 permit 192.168.100.0 0.0.0.255

only allows hosts from network 192.168.100.0/24 (which are the hosts on your Ethernet0/0) to be translated.

Try to change the access list statement to:

access-list 101 permit ip any any

and also change the statement:

ip nat inside source list 7 pool Internet_access overload

to

ip nat inside source list 101 pool Internet_access overload

HTH,

GP

0 Helpful

dbellazetin
Level 4
Level 4

‎03-19-2004 12:40 PM

A pretty big problem w/your configuration is that the pool Internet_Access is not being referenced correctly in the overload statement. When you work with names in Cisco the characters are case sensitive. Your line needs to be like this:

ip nat inside source list 7 pool Internet_Access overload

If that doesn't fix it let me know.

Daniel

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents