Hello,
I have the following configuration. Please see below. The issue is that everything seems to work: users on the internal network can browse and access the internet. Remote users can also access the internal systems from the internet.
But DNS resolution is only occurring on the inside, meaning that if I run an nslookup to my DNS servers, they won't respond to the query.
Cisco Conf.
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R01
!
enable secret 5 $1$92A7$R.ccx1a3c3tn703Qj3oeo/
!
!
!
!
!
ip subnet-zero
!
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 64.234.219.39 255.255.224.0
ip access-group 101 in
no ip directed-broadcast
ip nat outside
speed 100
full-duplex
no cdp enable
!
interface FastEthernet0/1
ip address 192.168.10.254 255.255.255.0
no ip directed-broadcast
ip nat inside
speed 100
full-duplex
!
ip nat inside source list 7 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.10.113 3389 64.234.219.36 3389 extendable
ip nat inside source static tcp 192.168.10.113 8080 64.234.219.36 8080 extendable
ip nat inside source static tcp 192.168.10.2 53 64.234.219.30 53 extendable
ip nat inside source static tcp 192.168.10.3 53 64.234.219.31 53 extendable
ip nat inside source static tcp 192.168.10.150 3389 64.234.219.29 3389 extendable
ip nat inside source static tcp 192.168.10.60 3389 64.234.219.35 3389 extendable
ip nat inside source static tcp 192.168.10.50 3389 64.234.219.37 3389 extendable
ip nat inside source static tcp 192.168.10.50 80 64.234.219.37 80 extendable
ip nat inside source static tcp 192.168.10.50 443 64.234.219.37 443 extendable
ip nat inside source static tcp 192.168.10.90 80 64.234.219.32 80 extendable
ip nat inside source static tcp 192.168.10.90 443 64.234.219.32 443 extendable
ip nat inside source static tcp 192.168.10.91 80 64.234.219.33 80 extendable
ip nat inside source static tcp 192.168.10.91 443 64.234.219.33 443 extendable
ip nat inside source static udp 192.168.10.2 53 64.234.219.30 53 extendable
ip nat inside source static udp 192.168.10.3 53 64.234.219.31 53 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 64.234.192.1
no ip http server
!
access-list 7 permit 192.168.10.0 0.0.0.255
access-list 101 permit ip any any
!
line con 0
transport input none
line aux 0
line vty 0 4
password fgo2004a
login
!
no scheduler allocate
end