Announcement

Collapse
No announcement yet.

Cisco 1921 + nat

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco 1921 + nat

    Hi,

    I'm trying to configure a cisco 1921 with our new provider and I am having some problems. With the config below I can ping hosts from the router, but not from the private ip's. The info I got from the ISP:

    wan route: x.x.x.220/30
    isp ip address: x.x.x.221
    customer ip address: x.x.x.222
    public ip's: y.y.y.224/29

    Any help would be appreciated.

    Philip


    Building configuration...

    Current configuration : 4449 bytes
    !
    version 15.1
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    no service password-encryption
    service udp-small-servers
    service tcp-small-servers
    service sequence-numbers
    !
    hostname cisco1921
    !
    boot-start-marker
    boot-end-marker
    !
    !
    security authentication failure rate 3 log
    security passwords min-length 6
    logging buffered 51200
    logging console critical
    !
    !
    no ipv6 cef
    ip source-route
    ip gratuitous-arps
    ip cef
    !
    ip name-server 195.130.131.11
    !
    multilink bundle-name authenticated
    !
    redundancy
    !
    ip finger
    ip tcp synwait-time 10
    no ip ftp passive
    !
    interface Embedded-Service-Engine0/0
    no ip address
    ip mask-reply
    ip directed-broadcast
    ip flow ingress
    shutdown
    !
    interface GigabitEthernet0/0
    description $ETH-LAN$$FW_INSIDE$
    ip address 192.168.0.3 255.255.255.0
    ip mask-reply
    ip directed-broadcast
    ip flow ingress
    ip nat inside
    ip virtual-reassembly in
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/1
    description $ETH-WAN$$FW_OUTSIDE$
    ip address x.x.x.222 255.255.255.252
    ip mask-reply
    ip directed-broadcast
    ip flow ingress
    ip nat outside
    ip virtual-reassembly in
    duplex auto
    speed auto
    !
    ip default-gateway x.x.x.221
    ip forward-protocol nd
    !
    ip http server
    ip http access-class 2
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 600 life 86400 requests 10000
    !
    ip nat inside source list 1 interface GigabitEthernet0/1 overload
    ip route 0.0.0.0 0.0.0.0 x.x.x.221
    ip identd
    !
    access-list 1 remark CCP_ACL Category=2
    access-list 1 permit 192.168.0.0 0.0.0.255
    access-list 2 remark HTTP Access-class list
    access-list 2 remark CCP_ACL Category=1
    access-list 2 permit 192.168.0.0 0.0.0.255
    access-list 2 deny any
    !
    no cdp run
    !
    control-plane
    !
    end

  • #2
    Re: Cisco 1921 + nat

    i don't know if your ACLs permit access from the 192.168.0.0 subnet onto the internet..

    I could be wrong.. and I'm not the right person to definitely tell you what you need
    but they look a little wrong to me.
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: Cisco 1921 + nat

      So you can ping outside ip addresses from the router but not from any inside addresses? Sounds like your internal hosts do not have the correct gateway.
      CCNA, Network+

      Comment

      Working...
      X