Nat problem or is it routing confusion?


Saeed42

I have built this small network, which has four routers and a switch. The switch has 3 VLANs set up (192.168.1.0, 192.168.10.0, 192.168.20.0); these all go to my core router. The router on the 192.168.20 subnet has 3 interfaces set up:
e0 10.132.129.55
Asyn1 10.0.20.2
Dialer 1 with dynamic ip

Everything works fine when D1 is not online, but as soon as D1 goes online that router sort of gets confused about what route to take. The config is as shown below. I have no idea what to do next, so please help.

!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Back2Back
!
aaa new-model
aaa authentication login default tacacs+
enable secret 5 <Removed>
!
ip subnet-zero
isdn switch-type basic-net3
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 0:00 last Sun Oct 0:00
!
!
interface Ethernet0
ip address 10.132.129.55 255.255.255.0
no ip directed-broadcast
no ip proxy-arp
ip nat outside
no ip route-cache
no ip mroute-cache
!
interface Serial0
ip address negotiated
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
backup interface BRI0
!
interface Serial1
no ip address
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
shutdown
!
interface BRI0
no ip address
no ip directed-broadcast
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
dialer pool-member 5
isdn switch-type basic-net3
ppp authentication pap callin
!
interface Async1
ip address 10.0.20.2 255.255.255.0
ip access-group 102 in
ip directed-broadcast
ip nat inside
encapsulation ppp
async dynamic routing
async mode dedicated
!
interface Dialer1
description Global Dialer
ip address negotiated
no ip directed-broadcast
no ip proxy-arp
ip nat outside
encapsulation ppp
no ip route-cache
no ip split-horizon
no ip mroute-cache
dialer remote-name test
dialer string <removed>
dialer pool 5
dialer-group 1
no fair-queue
ppp authentication pap callin
ppp pap sent-username <Removed> password 7 <Removed>
!
router eigrp 10
passive-interface Async1
network 10.0.0.0
!
ip nat inside source list 102 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 192.168.0.0 255.255.0.0 Async1
!
logging 10.132.129.52
access-list 10 permit 194.126.80.0 0.0.0.255
access-list 10 permit 10.132.129.0 0.0.0.255
access-list 101 deny udp any any eq ntp
access-list 101 deny udp any any range 135 netbios-ss
access-list 101 deny tcp any any range 135 139
access-list 101 deny tcp any any eq 445
access-list 101 deny udp any any eq 445
access-list 101 permit ip any any
access-list 102 permit ip any any
dialer-list 1 protocol ip list 101
tacacs-server host 10.132.129.54
tacacs-server key <Removed>
banner motd ^CCC

!
line con 0
exec-timeout 0 0
password 7 <Removed>
transport input none
stopbits 1
line aux 0
modem InOut
transport input all
speed 38400
flowcontrol hardware
line vty 0 4
session-timeout 120
access-class 10 in
exec-timeout 30 0
password 7 <Removed>
!
end
 
set more metric

ip route 0.0.0.0 0.0.0.0 Dialer1 201
 
I've tried this, but still doesn't work

 
ip route 0.0.0.0 0.0.0.0 Dialer1

Do you want everything going out this route?
What exactly happens when this interface becomes active?
Have you run any debugging?

Jeter@LasVegas.com
J.Fisher CCNA
 
This router has 3 interfaces set up:
eth is connected to the 10.132.129.0 subnet
D1 gets a dynamic IP address and routes all outgoing packets through this interface
Async1 is connected to the 10.0.20.0 subnet, and forwards any packets for 192.168.0.0/16

I have EIGRP enabled to make my life easier and so all routers update each other, but the problem I'm having is that this particular router seems to get confused when D1 is online and doesn't see my tacacs+ server on the 10.132.129.0 subnet. I even put a static route for that subnet through e0.
 
When D1 is active, what does the command show ip route 10.132.129.0 display?
 
Back2Back#sho ip route 10.132.129.0
Routing entry for 10.132.129.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Redistributing via eigrp 10
Routing Descriptor Blocks:
* directly connected, via Ethernet0
Route metric is 0, traffic share count is 1

From this it seems that everything should work as the router sees what path to take for that network.
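
An added example, not part of the original thread: a small longest-prefix-match model of the connected and static routes in the posted configuration, showing which interface is selected for the TACACS+ server and that giving the default route a distance of 201 does not change that result. It ignores NAT, ACLs and EIGRP-learned routes; the function names and the two sample destinations other than 10.132.129.54 are constructed for illustration.

```python
import ipaddress

# Constructed excerpt: only the addressing and static-route lines
# from the configuration posted in the thread.
CONFIG = """\
interface Ethernet0
 ip address 10.132.129.55 255.255.255.0
interface Async1
 ip address 10.0.20.2 255.255.255.0
interface Dialer1
 ip address negotiated
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 192.168.0.0 255.255.0.0 Async1
"""

def build_table(config):
    """Return [(network, interface, admin_distance)] for connected and static routes."""
    table, iface = [], None
    for line in config.splitlines():
        w = line.split()
        if w[:1] == ["interface"]:
            iface = w[1]
        elif w[:2] == ["ip", "address"] and len(w) == 4:
            # Connected route, distance 0. "negotiated" addresses are unknown, so skipped.
            net = ipaddress.ip_interface(f"{w[2]}/{w[3]}").network
            table.append((net, iface, 0))
        elif w[:2] == ["ip", "route"] and len(w) >= 5:
            dist = int(w[5]) if len(w) > 5 else 1  # a static route defaults to distance 1
            table.append((ipaddress.ip_network(f"{w[2]}/{w[3]}"), w[4], dist))
    return table

def lookup(table, dest):
    """Longest prefix wins; distance only breaks ties between equal-length prefixes."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in table if addr in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[2]))

def egress(config, dest):
    """Name of the interface the modelled table selects for dest, or None."""
    route = lookup(build_table(config), dest)
    return route[1] if route else None

if __name__ == "__main__":
    # TACACS+ server from the config, then two constructed sample destinations.
    for dest in ("10.132.129.54", "192.168.10.1", "194.126.80.1"):
        print(dest, "->", egress(CONFIG, dest))
```

Because the /24 connected route is more specific than the default route, the route lookup alone does not explain the loss of TACACS+ reachability, which matches the "show ip route" output above.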
 
Just a few thoughts. You may want to get rid of your vlans. I'm not sure why you have so many of them, other than you might have networks that you don't want talking to each other. Completely possible. If that is the case, you can route certain ip traffic to certain ports on the switch. Each port on that switch can basically assume the role of the gateway for that device. The issue may not be in your router, but fixable at the switch. Just a thought.

Simplify the config a bit:

Access list 102 is assumed. You may want to simplify the config by removing some access lists, then tightening down from there. See if removing just the reference from the interface will fix it. You also might want to set up a loopback interface on a false/test subnet to see if the routes are really being updated via EIGRP. Test it from the tacacs server especially.
 
It looks like you have a bad route?

ip route 192.168.0.0 255.255.0.0 Async1

The correct syntax is:

ip route 192.168.0.0 0.0.255.255 Async1

 