Total active translations: 0

jking13602 · ‎09-12-2014

Hello, I am working with a config from scratch for the first time on IOS for a 819 ISR. I have attempted this several times now and can't get this figured out.

I have this so far. I just can't get VLAN1 to talk with the internet. I can ping the inside 122.1 address from the client PC. But I can't get passed that. I will eventually be building 2 site-to-site VPNs on this router also, but I need to be able to get outside first. I have the Giga0 set to DHCP for now, because I am utilizing my back up ISP which is static but stuck on my ASA MAC. so for now I will be using DHCP on the WAN Giga0 interface. The PC i can hook up to this line and it get's it's dhcp from my ISP and can get out, so I know that DCHP isn't the issue. I am newb when it comes to IOS. If this were ASA I would have this fixed....

version 15.3

service config

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname MAT122

!

boot-start-marker

boot-end-marker

!

aqm-register-fnf

!

no logging console

enable secret 5 ********

!

no aaa new-model

!

ip dhcp excluded-address 192.168.122.1 192.168.122.99

ip dhcp excluded-address 192.168.122.210

!

ip dhcp pool vlan1InsidePool

network 192.168.122.0 255.255.255.0

default-router 192.168.122.1

dns-server 8.8.8.8

!

no ip domain lookup

ip cef

no ipv6 cef

!

multilink bundle-name authenticated

!

chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"

!

license udi pid C819G-4G-V-K9 sn FTX182083AB

!

controller Cellular 0

!

interface Loopback0

ip address 192.168.200.200 255.255.255.0

!

interface Cellular0

no ip address

encapsulation slip

dialer in-band

dialer string lte

!

interface FastEthernet0

no ip address

!

interface FastEthernet1

no ip address

!

interface FastEthernet2

no ip address

!

interface FastEthernet3

no ip address

!

interface GigabitEthernet0

ip address dhcp

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

interface Serial0

no ip address

shutdown

clock rate 2000000

!

interface Vlan1

ip address 192.168.122.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

ip nat inside source list 1 interface GigabitEthernet0

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0

!

access-list 1 permit 192.168.122.0 0.0.0.255

!

control-plane

!

mgcp behavior rsip-range tgcp-only

mgcp behavior comedia-role none

mgcp behavior comedia-check-media-src disable

mgcp behavior comedia-sdp-force disable

!

mgcp profile default

!

line con 0

no modem enable

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

stopbits 1

line 3

script dialer lte

no exec

line vty 0 4

password ********

login

transport input all

!

scheduler allocate 20000 1000

!

end

Tagir Temirgaliyev · ‎09-12-2014

sh ip int br

jking13602 · ‎09-15-2014

Interface IP-Address OK? Method Status Prot ocol
Cellular0 unassigned YES unset up up
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
GigabitEthernet0 173.xx.xx.xx YES DHCP up up
Loopback0 192.168.200.200 YES manual up up
NVI0 173.xx.xx.xx YES unset up up
Serial0 unassigned YES unset administratively down down
Vlan1 192.168.122.1 YES manual up up

jking13602 · ‎09-15-2014

Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Peak translations: 0
Outside interfaces:
GigabitEthernet0
Inside interfaces:
Vlan1
Hits: 0 Misses: 0
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface GigabitEthernet0 refcount 0

Total doors: 0
Appl doors: 0
Normal doors: 0
Queued Packets: 0

Finally got the "sh ip nat stat"

Richard E · ‎09-13-2014

try changing

ip nat inside source list 1 interface GigabitEthernet0

to

ip nat inside source list 1 interface GigabitEthernet0 overload.

if still not up after that can you post a sh ip nat translation as well as the sh ip int br previously requested

The rest of the config looks ok to me.

jking13602 · ‎09-15-2014

ip nat inside source list 1 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0
!
!
access-list 1 permit 192.168.122.0 0.0.0.255
access-list 101 permit icmp any any

I thought of this already, changed after I posted. Still not getting to internet. I can ping the inside VLAN1 ip address but fails to get to the outside world. Any other diag. I can post? Also for some reason, I can't ping say 4.2.2.2 from the router now, when I thought I was able to do so previously, this very well could be my access-list now.

sh ip nat tran

Nothing comes up.

jking13602 · ‎09-18-2014

SOLVED!!!!!!!!!!!! the issue wasn't NAT it was the route statement. I guess the 800's need this added on the end of the route statement.

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 to ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp

this allowed the traffic to pass outside.

VLAN1 to WAN internet stumped...