Announcement

Collapse
No announcement yet.

cisco 877 + nat internet problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • cisco 877 + nat internet problem

    Hi Folks,
    I wonder if you can help me with a cisco 877 problem please. I have a BT adsl connection and I have the router syncing perfectly and the DHCP pool is issuing addresses fine however I cannot get onto the internet and I cant ping either. I would appreciate anyones help with my config is below please:

    __________________________________________________ _______________


    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname BROWNING_877
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 $1$7RJM$spHmDroNxlquvcqLTZFt2.
    !
    no aaa new-model
    !
    !
    dot11 syslog
    ip cef
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.1.254
    !
    ip dhcp pool MYPOOL
    import all
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.254
    dns-server 62.6.40.178
    domain-name BROWNING.local
    lease 0 2
    !
    !
    !
    !
    !
    !
    !
    archive
    log config
    hidekeys
    !
    !
    !
    !
    !
    interface ATM0
    description ADSL British Telecom
    no ip address
    ip virtual-reassembly
    ip route-cache policy
    ip route-cache flow
    no atm ilmi-keepalive
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 10
    !
    dsl operating-mode auto
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Vlan1
    description LAN INSIDE
    ip address 192.168.1.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip route-cache same-interface
    ip route-cache policy
    ip route-cache flow
    ip tcp adjust-mss 1452
    hold-queue 100 in
    hold-queue 100 out
    !
    interface Dialer10
    description ADSL British Telecom
    ip address negotiated
    ip access-group ACL_DIALER10_IN in
    ip access-group ACL_DIALER10_OUT out
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip mtu 1492
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    ip route-cache policy
    ip route-cache flow
    dialer pool 10
    dialer idle-timeout 0
    dialer-group 10
    no cdp enable
    ppp authentication chap pap callin
    ppp chap hostname [email protected]
    ppp chap password 0 XXXXX
    ppp pap sent-username [email protected] password 0 XXXXX
    ppp ipcp dns request
    ppp ipcp mask request
    ppp ipcp route default
    ppp ipcp address accept
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Dialer10
    !
    no ip http server
    no ip http secure-server
    ip nat pool pool1 192.168.1.0 192.168.2.0 netmask 0.0.0.255
    ip nat inside source list 1 interface Dialer10 overload
    !
    ip access-list extended ACL_DIALER10_IN
    remark DHCPJ<IPS>
    permit udp any any eq bootpc
    permit udp any any eq bootps
    permit udp any any
    permit tcp any any
    permit ip 192.168.1.0 0.0.0.255 any
    ip access-list extended ACL_DIALER10_OUT
    permit tcp any any
    permit udp any any
    permit ip 192.168.1.0 0.0.0.255 any
    !
    dialer-list 1 protocol ip permit
    !
    !
    !
    control-plane
    !
    banner motd ^C DO NOT ATTEMPT TO LOG INTO THIS MACHINE. IF YOU FAIL TO COMPLY WE WILL SLAP YOUR LEGS VERY HARD AND SEND YOU TO BED WITH NO SUPPER SO BE WARNED!^
    C
    !
    line con 0
    exec-timeout 0 0
    password XXXXX
    logging synchronous
    login
    no modem enable
    line aux 0
    line vty 0 4
    exec-timeout 0 0
    privilege level 15
    password XXXXX
    login local
    transport input telnet ssh
    transport output all
    !
    scheduler max-task-time 5000
    end


    __________________________________________________ _______________

    Thanks folks!!!

  • #2
    Re: cisco 877 + nat internet problem

    DHCP Scope has default router of 192.168.1.254
    however, the interface for the cisco 877 is 192.168.1.1

    you need to set this as your default router - that should sort it.
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: cisco 877 + nat internet problem

      In addition... the following could be the problem for ACL and NAT related issues

      The ACL's attached to the dialer interface do NOT permit type ICMP, so ping will not work until you modify these ACL's to permit ICMP

      The NAT overload statement is referencing a standard ACL (1-99), when it should be referencing an extended or named ACL (100-199). Something like:

      Code:
      ip access-list extended acl.LANS-2-NAT
       permit ip 192.168.1.0 0.0.0.255 any
       
      ip nat inside source list acl.LANS-2-NAT interface Dailer10 overload
      or

      Code:
      access-list 101 permit ip 192.168.1.0 0.0.0.255 any
       
      ip nat inside source list 101 interface Dailer10 overload

      Comment

      Working...
      X