carlmeister
Technical User
I am trying to configure a Qwest T-1/Managed VPN setup and think I may be a little confused by this (nothing new there). I currently have the configuration shown below. Note that Qwest has given us a block of addresses to use for NAT on a different subnet than the Serial IP address. This configuration lets me traceroute from the 1720 to anywhere on the Internet. However, if I traceroute from one of the LAN PCs with a static NAT address, I see the Router and the first hop (the x.x.x.125 address). The trace seems to stop there.
I cannot traceroute TO the router from outside, but I want to get the outbound part working before I determine if that is a Qwest routing problem.
I have tried several variations on this and can't seem to create any difference other than having the LAN PC not even seeing the first hop after the router. At this point I am not sure if I am messing up the NAT configuration or if it is something more basic than that.....
I would appreciate anyone's help.
Carl Neumann
interface Serial0
description connected to Internet
ip address x.x.x.126 255.255.255.252
ip nat outside
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
!
interface FastEthernet0
description connected to EthernetLAN
ip address 192.168.200.252 255.255.255.0
ip nat inside
speed auto
!
router rip
version 2
passive-interface Serial0
network 192.168.200.0
no auto-summary
!
ip nat pool inet_pool x.x.y.98 x.x.y.98 prefix-length 24
ip nat inside source list 1 pool inet_pool overload
ip nat inside source static 192.168.200.6 x.x.y.104
ip nat inside source static 192.168.200.5 x.x.y.103
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.125
ip route x.x.y.96 255.255.255.240 FastEthernet0
no ip http server
!
access-list 1 permit 192.168.200.0 0.0.0.255
I cannot traceroute TO the router from outside, but I want to get the outbound part working before I determine if that is a Qwest routing problem.
I have tried several variations on this and can't seem to create any difference other than having the LAN PC not even seeing the first hop after the router. At this point I am not sure if I am messing up the NAT configuration or if it is something more basic than that.....
I would appreciate anyone's help.
Carl Neumann
interface Serial0
description connected to Internet
ip address x.x.x.126 255.255.255.252
ip nat outside
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
!
interface FastEthernet0
description connected to EthernetLAN
ip address 192.168.200.252 255.255.255.0
ip nat inside
speed auto
!
router rip
version 2
passive-interface Serial0
network 192.168.200.0
no auto-summary
!
ip nat pool inet_pool x.x.y.98 x.x.y.98 prefix-length 24
ip nat inside source list 1 pool inet_pool overload
ip nat inside source static 192.168.200.6 x.x.y.104
ip nat inside source static 192.168.200.5 x.x.y.103
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.125
ip route x.x.y.96 255.255.255.240 FastEthernet0
no ip http server
!
access-list 1 permit 192.168.200.0 0.0.0.255