galonga@yahoo.com
Yes, I do own the serial ip number 189.57.241.178 255.255.255.252: it was the one attached to the serial port at and old configuration I had with a 2500 that worked
I also own the number 189.57.231.225 255.255.255.248: it was attached to the ethernet0 in the defunct 2500 and I no longer use it (bought a 2514 to replace it)
I tried to insert the command you said "ip nat inside source list 101 interface serial0 overload" but it claims "Dynamic mapping in use, cannot change"
Then I found out in http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094422.shtml what to do
It only solved when I turned off the **** thing and plugued both AUIs from it 
However, after I insert the commands you told me we are back to step 1: the router can ping but the client cannot.
Don´t we need another command like "access-list 101 permit ip 192.168.1.0 0.0.0.255 any" for the new interface? It seems that did the trick before right?

Well, you could try with a different acl ie.

access-list 102 permit 192.168.1.0 0.0.0.255 any

ip nat inside source list 102 interface s0 overload

try that and see if it works. If not can you post full config again.

Jon

ekhabarov wrote:
Hmmm... Why use NAT?  Maybe you just forgotten to configure "ip routing" on this old platform 

Because the LAN addressing is 192.168.1.x

Jon

ok, I put both commands:

access-list 102 permit 192.168.1.0 0.0.0.255 any

ip nat inside source list 102 interface s0 overload

actually, apparently the command was access-list 101 permit IP 192.168.1.0 0.0.0.255 any, as it did not work

either way, as soon as I unplug the cable modem the connection drops. any ideas?

shouldn´t there be some kind of command to tell the router to switch between both connections based on some how of weight/rule/something?

Below the config as it is now:

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!

ip subnet-zero
!
!
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
interface Ethernet1
ip address 201.17.6.16 255.255.255.0
no ip directed-broadcast
ip nat outside
!
interface Serial0
ip address 189.57.241.178 255.255.255.252
no ip directed-broadcast
ip nat outside
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
ip nat inside source list 101 interface Ethernet1 overload
ip nat inside source list 102 interface Serial0 overload
ip nat inside source static tcp 192.168.1.21 8080 201.17.6.16 8080 extendable
ip nat inside source static tcp 192.168.1.199 65000 201.17.6.16 65000 extendable

ip nat inside source static tcp 192.168.1.21 65003 201.17.6.16 65003 extendable
ip nat inside source static tcp 192.168.1.21 80 201.17.6.16 80 extendable
ip nat inside source static tcp 192.168.1.21 21 201.17.6.16 21 extendable
ip nat inside source static tcp 192.168.1.21 25 201.17.6.16 25 extendable
ip nat inside source static tcp 192.168.1.21 110 201.17.6.16 110 extendable
ip nat inside source static tcp 192.168.1.21 5060 201.17.6.16 5060 extendable
ip nat inside source static tcp 192.168.1.21 65000 201.17.6.16 65000 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 201.17.6.1
ip route 0.0.0.0 0.0.0.0 189.57.241.77
!
!
ip access-list extended WebServer
permit tcp any host 201.17.6.16 eq www
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
!
line con 0
login
transport input none
line aux 0
line vty 0 4
login

galonga@yahoo.com
ok, I put both commands:
access-list 102 permit 192.168.1.0 0.0.0.255 any
ip nat inside source list 102 interface s0 overload
actually, apparently the command was access-list 101 permit IP 192.168.1.0 0.0.0.255 any, as it did not work 
either way, as soon as I unplug the cable modem the connection drops. any ideas?



interface Serial0
 ip address 189.57.241.178 255.255.255.252
 no ip directed-broadcast
 ip nat outside
 no ip mroute-cache
 no fair-queue
!
i1
ip route 0.0.0.0 0.0.0.0 189.57.241.77
!
!

Good catch on the access-list, sorry i was probably typing a bit fast

Also think the other issue is down to my typing as well -

can you change make the following change -

no ip route 0.0.0.0 0.0.0.0 189.57.241.77

ip route 0.0.0.0 0.0.0.0 189.57.241.177

Jon

ok, after those 2 commands I can ping from the router after I unplug the cable modem, but not from the lan client

as soon as I plug the cable modem back in I can ping from the lan client again

so we are getting closer: I think we all we need is that ACL command again and we are set (hopefully!)

galonga@yahoo.com
ok, after those 2 commands I can ping from the router after I unplug the cable modem, but not from the lan client
as soon as I plug the cable modem back in I can ping from the lan client again
so we are getting closer: I think we all we need is that ACL command again and we are set (hopefully!) 

Not sure where we are with the config but what might be happening is you ping from the PC with the cable modem connected and it makes a NAT translation. Then you unplug it but the NAT translation is still there.

When you unplug the cable modem, before you ping again can you do this

router# clear ip nat translation *

Jon

I did better: unplugged the cable modem and rebooted the router while pinging constantly from a lan PC.

Curiously enough, it would alternate between a couple of "Reply from 192.168.1.1: Destination host unreachable" and some "Request timed out."

As soon as I plugged the cable modem back in the conextion was restored.

During that time with no cable modem (only the serial connection) however I could ping anything from the router.

(I also did your method with identical results)

Tha´s why I think it´s again the NAT-ACL issue, as it is the same that was happening with the cable modem connection in the first place.

Well? Anybody has any ideas?