Solved: I meant the router at the - Page 2

bryandyal · ‎03-26-2014

I currently have a primary Internet circuit setup through Comcast. Modem is connected to an ASA5515X and Internet is working fine.

We installed a T1 that terminates in the same CO as a client's Internet service so we can route certain IPs from this office to their datacenter so we're all in the same network with less hops.

2620 router is setup and configured. I have a test route setup to my corporate website that is in a different location. I am able to ping the Internet and this site from the router and the core switch that is handling the routing, but cannot ping or access the site from the local VLAN. Config is faily simple for this site, so I'm not sure what's going on.

To troubleshoot, I attempted to route all traffic from the network to this T1 circuit, but that does not work. I have another site that is setup similarly with no issues.

Any ideas? Configs attached...if you need more, I can upload the full thing.

bryandyal · ‎03-26-2014

OK...should've seen that.

So does the NAT need to take place on the router or switch?

Jon Marshall · ‎03-26-2014

You can do it on the router as i doubt the switch supports.

Jon

bryandyal · ‎03-26-2014

How would I accomplish this? I'm not that versed on NAT'ing when it comes to router and CLI.

Jon Marshall · ‎03-26-2014

int fa0/0

ip nat inside

int s0/0

ip nat outside

access-list 101 permit ip 192.168.16.0 0.0.0.255 host 3.3.3.5

ip nat inside source list 101 interface s0/0 overload

Note instead of specifying the host in the acl you can use "any" if there are more destinations.

Jon

bryandyal · ‎03-26-2014

Thank you both for your input and working through this with me! :)

vishal vyas · ‎03-26-2014

do below configuration

!

interface vlan 100

ip nat inside

!

interface gi 0/48

ip nat outside

!

ip accessl-list standard 1

permit ip 192.168.16.0 0.0.0.0255

!

ip nat inside source list 1 interface ge 0/48 overload

!

it should take care of NAT issue.

Jon Marshall · ‎03-26-2014

That would work but it depends on the switch ie. most L3 switches don't support NAT.

Jon

bryandyal · ‎03-26-2014

No, it does not work. ip nat isn't a valid command when editing an interface.

Jon Marshall · ‎03-26-2014

So the next hop router at the other end of the T1, what does it's IP routing table show ?

Jon

bryandyal · ‎03-26-2014

https://supportforums.cisco.com/sites/default/files/attachments/discussion/ar_testing.txt

Jon Marshall · ‎03-26-2014

I meant the router at the other end of the T1 link.

Does it have a route back to the 192.168.16.0/24 network ?

Jon

Routing to a T1 through 2620 Router