Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
3
Replies

Natting multiple subnets on a single interface

tarsellis
Level 1
Level 1

‎03-02-2006 09:37 AM - edited ‎03-03-2019 11:56 AM

Hi, I'm trying to provide internet access to several locations through a single point. These locations connect via point to point links that aggregate on a 3rd party cisco router then connect to my ethernet interface. I also have another point to point connection that I control that connects to the internet router via the same ethernet interface.

The remote location which I control has internet access through this router, and works as expected.

The local location also works as expected.

The remote locations which connect via the third party router act very funny. Machines from these locations can ping and ftp both to hostnames, and to IPs. However, web browsers merely say page cannot be displayed, and remote desktop conections fail.

Below is my current configuration. Any help or pointers would be greatly apreciated.

10.168.1.0/24 is the remote location I control. 192.168.1-3 are remote locations connected through the third party's IADs. My routers a 2801.

interface Multilink1

description outside

ip address 65.123.140.178 255.255.255.252

ip nat outside

ip virtual-reassembly

ppp multilink

ppp multilink fragment disable

ppp multilink group 1

!

interface FastEthernet0/0

description inside

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

. . .

!

ip classless

ip route 0.0.0.0 0.0.0.0 65.123.140.177

ip route 10.1.1.0 255.255.255.0 192.168.0.135

ip route 10.168.1.0 255.255.255.0 192.168.0.3

ip route 65.118.104.64 255.255.255.224 FastEthernet0/0

ip route 192.168.1.0 255.255.255.0 192.168.0.135

ip route 192.168.2.0 255.255.255.0 192.168.0.135

ip route 192.168.3.0 255.255.255.0 192.168.0.135

ip route 192.168.4.0 255.255.255.0 192.168.0.135

ip http server

no ip http secure-server

ip nat inside source list 1 interface Multilink1 overload

ip nat inside source static tcp 192.168.0.9 80 interface Multilink1 80

ip nat inside source static tcp 192.168.0.151 6253 interface Multilink1 6253

ip nat inside source static tcp 192.168.0.151 6252 interface Multilink1 6252

ip nat inside source static 192.168.0.2 interface Loopback1

ip nat inside source static tcp 192.168.0.151 6250 interface Multilink1 6250

ip nat inside source static tcp 192.168.0.151 6251 interface Multilink1 6251

ip nat inside source static 65.118.104.70 192.168.0.9

!

!

access-list 1 permit 65.118.104.70

access-list 1 permit 65.118.104.66

access-list 1 permit 192.168.0.0 0.0.255.255

access-list 1 permit 10.168.1.0 0.0.0.255

access-list 1 permit 10.0.0.0 0.0.0.255

access-list 1 permit 10.0.0.0 0.0.252.255

. . .

!

Labels:
0 Helpful
3 Replies 3

nethelper
Level 3
Level 3

‎03-02-2006 10:33 AM

Hello,

since your network 10.168.1.0/24 is working fine, the problem might be with the 3rd party Cisco router your remote locations use to connect to the router whose connection you have posted. Do you have access to the (configuration of) that 3rd party router ?

Regards,

Nethelper

0 Helpful

tarsellis
Level 1
Level 1
In response to nethelper

‎03-02-2006 12:33 PM

I just got this config, but haven't been able to get one for the local 3rd party router, nor the redback between the two.

It's comforting to get a second opinion that it's probably not my router, as I'm baffled as to how it could be or where to get answers.

Thanks

ip dhcp pool LaJamesPool1

network 192.168.1.0 255.255.255.0

dns-server 205.171.3.65 205.171.2.65

default-router 192.168.1.254

domain-name lajames.net

controller T1 1/0

framing esf

linecode b8zs

channel-group 0 timeslots 1-24

!

class-map match-any Voice

match dscp ef

!

!

policy-map FairVoip-75percent

class Voice

priority percent 75

class class-default

fair-queue

!

!

!

!

interface FastEthernet0/0

ip address 192.168.1.254 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

duplex auto

speed auto

no cdp enable

!

interface Serial1/0:0

description Qwest CID 1.HCFU.95534..NW

bandwidth 1536

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

encapsulation frame-relay IETF

frame-relay traffic-shaping

frame-relay lmi-type ansi

!

interface Serial1/0:0.16 point-to-point

description SID 112941 - LaJames International College Davenport, IA

bandwidth 512

ip address 172.17.91.9 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

no cdp enable

frame-relay interface-dlci 16 IETF

class voip-512k

!

no ip http server

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.17.91.10

!

!

!

map-class frame-relay voip-512k

frame-relay fragment 640

frame-relay cir 486400

frame-relay bc 4864

frame-relay be 0

frame-relay mincir 486400

service-policy output FairVoip-75percent

!

map-class frame-relay shape-512k

frame-relay cir 486400

frame-relay bc 60800

frame-relay be 0

frame-relay mincir 486400

0 Helpful

tarsellis
Level 1
Level 1
In response to tarsellis

‎03-03-2006 10:41 AM

I got my answer, and everything was correct on my router.

After another couple of hours with the 3rd party on the phone and proving that complete end to end conversations worked, they retreated, escalated issues, and removed their QoS mechanism. Magically the issues have disappeared, and everything works.

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card