Hi,
I have tried implementing the following NAT config's and have had no success thus far. I think the problem lies in the firewall at one end not knowing how to route packets back to the internal interface of the cisco 1750 (interface 192.168.3.1). I would very much appreciate it if someone could verify that my config's are correct and are workable. Below are the config's of the two 1750's.
User Access Verification
Password:
MY END OF THE FRAME RELAY-1750>enable
Password:
howardkennedy-1750#show running-config
Building configuration...
Current configuration : 1010 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname howardkennedy-1750
!
logging rate-limit console 10 except errors
enable secret 5
!
memory-size iomem 25
ip subnet-zero
no ip finger
no ip domain-lookup
!
!
!
!
interface BRI0
no ip address
shutdown
!
interface FastEthernet0
ip address 10.0.0.4 255.0.0.0
ip nat inside
speed auto
!
interface Serial0
description Connection to OPPOSITE END OF FRAME RELAY
bandwidth 512
ip address 192.168.137.205 255.255.255.0
ip nat outside
encapsulation frame-relay IETF
no fair-queue
frame-relay interface-dlci 25
frame-relay lmi-type ansi
!
ip nat inside source list 101 interface Serial0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.137.206
no ip http server
!
access-list 101 permit ip 0.0.0.0 255.0.0.0 any
!
line con 0
password v
login
transport input none
line aux 0
password v
login
line vty 0 4
password v
login
!
end
---------------------------------------------------------
Opposite end of Frame Relay
voi002-1750>enable
Password:
voi002-1750#show running-config
Building configuration...
Current configuration : 983 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname voi002-1750
!
enable secret 5
!
!
!
!
!
memory-size iomem 25
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Serial0
no ip address
encapsulation frame-relay IETF
no ip mroute-cache
no fair-queue
frame-relay lmi-type ansi
!
interface Serial0.1 point-to-point
description Connection to MY END OF THE FRAME RELAY
bandwidth 512
ip address 192.168.137.206 255.255.255.0
no cdp enable
frame-relay interface-dlci 24
!
interface BRI0
no ip address
!
interface FastEthernet0
description Connection to Firewall
ip address 192.168.3.1 255.255.255.0
speed 100
full-duplex
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.3.254
ip route 192.168.137.0 255.255.255.0 192.168.137.205
no ip http server
!
access-list 197 permit ip any any
!
line con 0
password v
login
line aux 0
password v
login
line vty 0 4
password v
login
!
end
--------------------------------------------
Many thanks cubic
I have tried implementing the following NAT config's and have had no success thus far. I think the problem lies in the firewall at one end not knowing how to route packets back to the internal interface of the cisco 1750 (interface 192.168.3.1). I would very much appreciate it if someone could verify that my config's are correct and are workable. Below are the config's of the two 1750's.
User Access Verification
Password:
MY END OF THE FRAME RELAY-1750>enable
Password:
howardkennedy-1750#show running-config
Building configuration...
Current configuration : 1010 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname howardkennedy-1750
!
logging rate-limit console 10 except errors
enable secret 5
!
memory-size iomem 25
ip subnet-zero
no ip finger
no ip domain-lookup
!
!
!
!
interface BRI0
no ip address
shutdown
!
interface FastEthernet0
ip address 10.0.0.4 255.0.0.0
ip nat inside
speed auto
!
interface Serial0
description Connection to OPPOSITE END OF FRAME RELAY
bandwidth 512
ip address 192.168.137.205 255.255.255.0
ip nat outside
encapsulation frame-relay IETF
no fair-queue
frame-relay interface-dlci 25
frame-relay lmi-type ansi
!
ip nat inside source list 101 interface Serial0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.137.206
no ip http server
!
access-list 101 permit ip 0.0.0.0 255.0.0.0 any
!
line con 0
password v
login
transport input none
line aux 0
password v
login
line vty 0 4
password v
login
!
end
---------------------------------------------------------
Opposite end of Frame Relay
voi002-1750>enable
Password:
voi002-1750#show running-config
Building configuration...
Current configuration : 983 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname voi002-1750
!
enable secret 5
!
!
!
!
!
memory-size iomem 25
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Serial0
no ip address
encapsulation frame-relay IETF
no ip mroute-cache
no fair-queue
frame-relay lmi-type ansi
!
interface Serial0.1 point-to-point
description Connection to MY END OF THE FRAME RELAY
bandwidth 512
ip address 192.168.137.206 255.255.255.0
no cdp enable
frame-relay interface-dlci 24
!
interface BRI0
no ip address
!
interface FastEthernet0
description Connection to Firewall
ip address 192.168.3.1 255.255.255.0
speed 100
full-duplex
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.3.254
ip route 192.168.137.0 255.255.255.0 192.168.137.205
no ip http server
!
access-list 197 permit ip any any
!
line con 0
password v
login
line aux 0
password v
login
line vty 0 4
password v
login
!
end
--------------------------------------------
Many thanks cubic