Can some of the experts out there can help me to resolve this NAT problem.
I have a regular 2621 running IOS 12.1(7) with a full channelized T1 connection on HDLC via a S0/0 WAN interface, and a F0/0 fastEthernet LAN interface. I want to create a NAT/PAT between the WAN and LAN interface. But everytime when I issue the IP NAT OUTSIDE command on S0/0, traffic will stop, and packets will not pass on the interface (I can't even do a basic ping to the far end ISP router). I thought maybe it's an access-list issue and shutdown the f0/0 interface, but it still does the same thing. Is there something I am overlook. It can't be that difficult. Anyways, any comment will be greatly appreciated. Below is the simplifed config file.
version 12.1
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname LPF_2621_23
!
logging buffered 4096 debugging
no logging console
no logging monitor
enable secret 5 $1$fLZ0$ZUUT3fhxAaPtA44F96JKe0
!
!
!
!
!
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
ip cef
no ip finger
!
!
!
!
interface FastEthernet0/0
description Ethernet Interface toward 10.23.0.0 (LAN)
ip address 10.23.1.1 255.255.0.0
ip nat inside
duplex auto
speed auto
no cdp enable
!
interface Serial0/0
description WAN Interface
ip address X.X.X.10 255.255.255.252
ip nat outside
!
ip nat pool internet Y.Y.Y.134 Y.Y.Y.134 netmask 255.255.255.248
ip nat inside source list 199 pool Internet overload
ip classless
ip route 0.0.0.0 0.0.0.0 s0/0
ip http server
!
access-list 199 permit ip any any
no cdp run
!
line con 0
transport input none
line aux 0
line vty 0 4
password 7 1413170A0801242F
login
!
no scheduler allocate
end
LPF_2621_23#
I have a regular 2621 running IOS 12.1(7) with a full channelized T1 connection on HDLC via a S0/0 WAN interface, and a F0/0 fastEthernet LAN interface. I want to create a NAT/PAT between the WAN and LAN interface. But everytime when I issue the IP NAT OUTSIDE command on S0/0, traffic will stop, and packets will not pass on the interface (I can't even do a basic ping to the far end ISP router). I thought maybe it's an access-list issue and shutdown the f0/0 interface, but it still does the same thing. Is there something I am overlook. It can't be that difficult. Anyways, any comment will be greatly appreciated. Below is the simplifed config file.
version 12.1
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname LPF_2621_23
!
logging buffered 4096 debugging
no logging console
no logging monitor
enable secret 5 $1$fLZ0$ZUUT3fhxAaPtA44F96JKe0
!
!
!
!
!
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
ip cef
no ip finger
!
!
!
!
interface FastEthernet0/0
description Ethernet Interface toward 10.23.0.0 (LAN)
ip address 10.23.1.1 255.255.0.0
ip nat inside
duplex auto
speed auto
no cdp enable
!
interface Serial0/0
description WAN Interface
ip address X.X.X.10 255.255.255.252
ip nat outside
!
ip nat pool internet Y.Y.Y.134 Y.Y.Y.134 netmask 255.255.255.248
ip nat inside source list 199 pool Internet overload
ip classless
ip route 0.0.0.0 0.0.0.0 s0/0
ip http server
!
access-list 199 permit ip any any
no cdp run
!
line con 0
transport input none
line aux 0
line vty 0 4
password 7 1413170A0801242F
login
!
no scheduler allocate
end
LPF_2621_23#
