Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

IP NAT Inside Home Network

If anybody can give me a hand here. I have set up my Cisco lab - the point for the moment is to have for example plex as my media server. 

 

My current configuration is as follow: Internet into my Asus router connected to my cisco router - I dived my home network as two /25s. My cisco network shares IP as 192.168.1.100 of fa0/0 "facing asus router and a under the fa0/1 the other /25. I have a plex media server which is running fine but devices w/in the my home network "asus" can not see the servers if IP NAT is enabled also still when IP nat is enabled im able to ssh to a linux box I have under my homenetwork. Now here is the trick I remove nat from my configuration and I am no longer able to ssh into that box but I am able to see my plex server from my home network. 

===

Eventually I would like to replace the asus router with my cisco router - following by a firewall appliance and then any LAN services....

R1.DGO#sh run
Building configuration...

Current configuration : 2863 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1.DGO
!
boot-start-marker
boot system flash c2600-is-mz.123-22.bin
boot-end-marker
!
logging buffered 4096 informational
no logging monitor
enable secret 5 $1$.aTZ$Um5f6QiSHEswxjof0F.ZS.
enable password 7 0054370F0C5E0C0919
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip flow-cache timeout active 1
ip cef
!
!
ip domain name dgo.net
ip host sw1 192.168.1.254
ip host R3 192.168.30.2
ip name-server 8.8.8.8
ip name-server 192.168.1.1
!
ip dhcp-server 192.168.1.130
!
!
!
!
!
!
!
!
!
!
!
username dgo privilege 15 password 7 08021C425914071E32
username vq352k privilege 12 password 7 070020475A0617
username mho privilege 11 password 7 097A4B1B10161E150548
!
!
!
!
!
interface FastEthernet0/0
 bandwidth 100000
 ip address 192.168.1.100 255.255.255.128
 ip access-group 101 in
 ip mtu 1440
 ip nat outside
 ip flow ingress
 ip route-cache flow
 speed auto
 full-duplex
 snmp ifindex persist
 no keepalive
!
interface Serial0/0
 ip address 192.168.30.1 255.255.255.252
 clock rate 64000
!
interface FastEthernet0/1
 ip address 192.168.1.129 255.255.255.128
 ip nat inside
 speed auto
 full-duplex
!
router eigrp 5
 auto-summary
!
ip default-gateway 192.168.1.1
ip nat pool outside 192.168.1.50 192.168.1.55 netmask 255.255.255.128
ip nat inside source list 12 interface FastEthernet0/0 overload
no ip http server
ip flow-export source FastEthernet0/0
ip flow-export version 5
ip flow-export destination 192.168.1.216 2055
no ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 192.168.1.1
!
!
access-list 1 permit 192.168.1.5 log
access-list 1 permit 192.168.1.16 log
access-list 1 permit any log
access-list 2 permit 192.168.1.11 log
access-list 2 permit 192.168.1.5 log
access-list 2 permit 192.168.1.226 log
access-list 2 permit 192.168.1.173 log
access-list 2 permit 192.168.1.130 log
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 4 permit 192.168.1.216 log
access-list 12 permit 192.168.1.128 0.0.0.127
access-list 101 permit ip any any
access-list 101 permit tcp any host 192.168.1.173 eq 45631 log
access-list 101 permit tcp any host 192.168.1.173 eq 32402 log
!
snmp-server group none v2c access 4
snmp-server community $$Verisign$$ RO
snmp-server ifindex persist
!
!
!
!
!
!
gateway
!
banner incoming ^CINE



line con 0
 login local
line aux 0
line vty 0 4
 access-class 2 in
 login local
line vty 5 15
 access-class 2 in
 login local
!
!
end

R1.DGO#

Everyone's tags (1)
122
Views
0
Helpful
0
Replies
CreatePlease to create content