Cisco 2600 config

[mikeii]

I have a 2600 with a t1 to the internet. I can ping 4.2.2.2 from either e0/0 or s0/0. I can telnet to it from the internet and ping both interfaces and the computer connected to the e0/0. But I can't ping 4.2.2.2 from the computer connected to e0/0. I can ping each interface from the computer that is connected to e0/0.
s0/0 206.169.214.6
e0/0 192.168.122.1
computer 192.168.122.2

Any help would be appreciated.

Here is the running-config

------------------ show running-config ------------------


Building configuration...

Current configuration : 1106 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Cisco2610
!
logging queue-limit 100
enable password 7
!
ip subnet-zero
!
!
no ip domain lookup
!
!
!
!
!
interface Ethernet0/0
description connected to EthernetLAN
ip address 192.168.122.1 255.255.255.0
ip nat inside
half-duplex
!
interface Serial0/0
description connected to Internet
ip address 206.169.214.6 255.255.255.252
ip nat outside
encapsulation ppp
service-module t1 remote-alarm-enable
!
router rip
version 2
passive-interface Serial0/0
network 192.168.122.0
no auto-summary
!
ip default-gateway 206.169.214.5
ip nat pool Cisco2610-natpool-1 192.168.122.10 192.168.122.20 netmask 255.255.255.0
ip nat inside source list 1 pool Cisco2610-natpool-1 overload
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
!
!
!
access-list 1 permit 192.168.122.0 0.0.0.255
snmp-server community RO
snmp-server enable traps tty
!
line con 0
exec-timeout 0 0
password 7
login
line aux 0
line vty 0 4
password 7
login
!
!
end

 

[wanery]

Hi mikeii

You can't use non-routable addresses for your NAT pool, IE. 192.168.x.x. use the S0/0 address w/overload and skip the pool.

Good Luck

Wanery

 

[mikeii]

If I understand you correctly, I should put 206.169.214.6 as the only address in the IP nat pool.

 

[burtsbees]

No---you actually have it right, as it is an acl, not a nat pool, and the acl is applied to the outgoing interface as PAT. However, you have specified addresses .10 to .20, and .1 and .2 are not included. Change the acl to

ip nat pool Cisco2610-natpool-1 192.168.122.1 192.168.122.20 netmask 255.255.255.0

and not

ip nat pool Cisco2610-natpool-1 192.168.122.10 192.168.122.20 netmask 255.255.255.0

Burt

 

[wanery]

Hello again mikeii

What you are doing is creating a pool of "outside global" addresses using a non-routable set of addresses. Whenever these reserved addresses hit the internet, routers discard them. You need to use a globally unique address, IE., Serial 0/0's. Using the "overload" sets up PAT(Port Address Translation).

The "ip nat pool Cisco2610-natpool-1" is simply a command to setup and name your address pool. The "ip nat inside source list 1" part references the ACL (access-lit 1) you setup that limits which IP addresses are allowed to be translated.

Try the following:

ip nat pool Cisco2610-natpool-1 206.169.214.6 206.169.214.6 netmask 255.255.255.0
ip nat inside source list 1 pool Cisco2610-natpool-1 overload

Again, good luck. I have set up both static NAT mappings and Pat. It took awhileto get the hang of it.

wanery

 

[wanery]

mikeii

Oops... in the first line of previous post, it should read "inside global" (not "outside global").

Sorry for any confusion.

wanery

 

[burtsbees]

Actually, what he wants for PAT is
access-list 101 permit ip 192.168.122.0 0.0.0.255 any

and

ip nat inside source list 101 int s0/0 over

Burt

 

[mikeii]

Do I need to change my access-list 1 to 101 and ip nat inside source list 1 to 101

 

[burtsbees]

Yes.