Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 1721 problem 2

Status
Not open for further replies.
Strawhidy

Strawhidy

IS-IT--Management
Nov 7, 2006
35
US
I'm running into a problem where random PCs cannot play games online at my Cybercafe. Users can intially play online at times but may get kicked from an online game or simply choose another game when the problem starts. When I find one of my PCs having this problem I check to see if I can ping the PC from the main cafe management server. I can see the PC and ping it internally but multiplayer servers will not appear on any game nor will it allow me to connect to various games online such as World of Warcraft. WoW simply says" Unable to connect" when attempting to login. If I try to acccess the Internet using a broswer I can't connect as well. If I exclude the IP from my Win2k3 DHCP server's scope and force the problem PC to get a new IP, I can connect with no problems with a new IP. My was router was configured to handle dual T1s with two wics at one point but it's been reconfigured for only one. I do have an ISA server running with it's built in firewall but it's configured to proxy all Internet traffic though our DSL line and had nothing to do with this router or the T1. I've replaced my entire Win2k3 server and completely reinstalled DHCP server as well. I've also chage port on my Cisco 2948G switch. This problem has been gotten out of hand and I would appreciate any input.



NJ#sh conf
Using 2077 out of 29688 bytes
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname NJ
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$VF4H$IuHF8t1tEbXBs.YHOFnvU.
!
no aaa new-model
!
resource policy
!
ip subnet-zero
no ip source-route
!
!
no ip dhcp use vrf connected
!
!
ip cef
no ip domain lookup
no ip bootp server
!
!
!
!
interface FastEthernet0
description to NetJam LAN
ip address 12.158.72.30 255.255.255.248 secondary
ip address 192.168.0.1 255.255.255.0
ip helper-address 192.168.0.5
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache policy
speed 100
!
interface Serial0
description to ATT T1
bandwidth 1536
ip address 206.121.216.162 255.255.255.252
ip nat outside
ip virtual-reassembly
encapsulation ppp
no keepalive
down-when-looped
service-module t1 remote-alarm-enable
!
interface Serial1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
!
ip nat pool 2T1S 12.158.72.30 12.158.72.30 prefix-length 29
ip nat inside source list 1 pool 2T1S overload
ip nat inside source static tcp 192.168.0.5 80 12.158.72.30 80 extendable
ip nat inside source static udp 192.168.0.5 80 12.158.72.30 80 extendable
ip nat inside source static tcp 192.168.0.200 8082 12.158.72.30 8082 extendable

!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 12.158.72.0 0.0.0.255
access-list 1 permit 206.121.216.0 0.0.0.255
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password 7 06080A35464F04485744
login
!
end
 
Sort by date Sort by votes
I've made the following changes however the following command could only be entered if the last octet was changed to 192. Here is what happened when I typed the command:
_________________________________________________________
nj-rtr(config)#ip nat pool NAT 12.158.72.31 12.158.72.36 netmask 255.255.255.248
%Pool NAT mask 255.255.255.248 too small; should be at least 255.255.255.192
%Start and end addresses on different subnets
_________________________________________________________

I just entered 255.255.255.192 and the router accepted to command. Below is the running config now. Will this do? If so will I need to changed any of my NAT mappings?



User Access Verification

Password:
nj-rtr>en
Password:
nj-rtr#sh run
Building configuration...

Current configuration : 2146 bytes
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname nj-rtr
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Bdl6$yRj.ogMMiDwJtGxGKpQam.
!
no aaa new-model
!
resource policy
!
ip subnet-zero
no ip source-route
!
!
no ip dhcp use vrf connected
!
!
ip cef
no ip domain lookup
no ip bootp server
!

!
!
!
interface FastEthernet0
description to NetJam LAN
ip address 12.158.72.30 255.255.255.248 secondary
ip address 192.168.0.1 255.255.255.0
ip helper-address 192.168.0.5
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache policy
speed 100
!
interface Serial0
description to ATT T1
bandwidth 1536
ip address 206.121.216.162 255.255.255.252
ip nat outside
ip virtual-reassembly
encapsulation ppp
no keepalive
down-when-looped
service-module t1 remote-alarm-enable
!
interface Serial1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
!
ip nat pool NAT 12.158.72.31 12.158.72.36 netmask 255.255.255.192
ip nat inside source list NAT interface Serial0 overload
ip nat inside source static tcp 192.168.0.1 23 12.158.72.30 23 extendable
ip nat inside source static tcp 192.168.0.5 80 12.158.72.30 80 extendable
ip nat inside source static udp 192.168.0.5 80 12.158.72.30 80 extendable
ip nat inside source static tcp 192.168.0.5 3389 12.158.72.30 3389 extendable
ip nat inside source static tcp 192.168.0.200 8082 12.158.72.30 8082 extendable
ip nat inside source static udp 192.168.0.11 20800 12.158.72.30 20800 extendable
ip nat inside source static udp 192.168.0.11 20810 12.158.72.30 20810 extendable
ip nat inside source static udp 192.168.0.11 28960 12.158.72.30 28960 extendable
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 12.158.72.0 0.0.0.255
access-list 1 permit 206.121.216.0 0.0.0.255
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4

nj-rtr#
 
Upvote 0 Downvote
Ok, I lost Internet access after that last changes so I compared the commands and managed to get the router to work with the following commands;

ip nat pool NAT 12.158.72.31 12.158.72.36 netmask 255.255.255.192
ip nat inside source list 1 pool NAT overload

If this is wrong then please let me know. The new config is as follows:

Building configuration...

Current configuration : 2135 bytes
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname nj-rtr
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Bdl6$yRj.ogMMiDwJtGxGKpQam.
!
no aaa new-model
!
resource policy
!
ip subnet-zero
no ip source-route
!
!
no ip dhcp use vrf connected
!
!
ip cef
no ip domain lookup
no ip bootp server
!

!
!
!
interface FastEthernet0
description to NetJam LAN
ip address 12.158.72.30 255.255.255.248 secondary
ip address 192.168.0.1 255.255.255.0
ip helper-address 192.168.0.5
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache policy
speed 100
!
interface Serial0
description to ATT T1
bandwidth 1536
ip address 206.121.216.162 255.255.255.252
ip nat outside
ip virtual-reassembly
encapsulation ppp
no keepalive
down-when-looped
service-module t1 remote-alarm-enable
!
interface Serial1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
!
ip nat pool NAT 12.158.72.31 12.158.72.36 netmask 255.255.255.192
ip nat inside source list 1 pool NAT overload
ip nat inside source static tcp 192.168.0.1 23 12.158.72.30 23 extendable
ip nat inside source static tcp 192.168.0.5 80 12.158.72.30 80 extendable
ip nat inside source static udp 192.168.0.5 80 12.158.72.30 80 extendable
ip nat inside source static tcp 192.168.0.5 3389 12.158.72.30 3389 extendable
ip nat inside source static tcp 192.168.0.200 8082 12.158.72.30 8082 extendable
ip nat inside source static udp 192.168.0.11 20800 12.158.72.30 20800 extendable
ip nat inside source static udp 192.168.0.11 20810 12.158.72.30 20810 extendable
ip nat inside source static udp 192.168.0.11 28960 12.158.72.30 28960 extendable
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 12.158.72.0 0.0.0.255
access-list 1 permit 206.121.216.0 0.0.0.255
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4

login
!
end
 
Upvote 0 Downvote
The commands look right, are you still having the problems with drop offs?

----------------------------------
Bill
 
Upvote 0 Downvote
Looking at the original post the NAT IP address is 12.158.72.30/29

thus the IP range would be 12.158.72.25 - 12.158.72.30. Thus his NAT command should read.

ip nat pool NAT 12.158.72.25 12.158.72.30 netmask 255.255.255.248


The reason the command was denied is because 12.158.72.31/29 is a broadcast address.



CCNA, A+, HP Certified Professional
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
362
bdk76
bdk76
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
351
madwok
madwok
Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
327
Jared R
Jared R
Hayden09
  • Locked
  • Question
Cisco Sg-300 Flapping?
Replies
0
Views
333
Hayden09
Hayden09
JMarine0811
  • Locked
  • Question
CISCO VG450 Factory reset
Replies
1
Views
433
whykap
whykap

Part and Inventory Search

Sponsor

Back
Top