Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Problem configuring 1721 with NAT

Status
Not open for further replies.
Ricadri

Ricadri

Technical User
Feb 8, 2007
29
MC
Hello,

I have to configure a cisco 1721 with NAT

this is the config :

sh run
Building configuration...

Current configuration : 1899 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ByPass_LinkProof
!
enable secret 5 ##############
!
no aaa new-model
ip subnet-zero
!
!
no ip domain lookup
!
!
ip cef
!
!
!
!
interface FastEthernet0
ip address 192.168.152.2 255.255.255.0
ip nat inside
speed 100
full-duplex
!
interface FastEthernet1
switchport access vlan 2
no ip address
!
interface FastEthernet2
switchport access vlan 3
no ip address
!
interface FastEthernet3
switchport access vlan 4
no ip address
!
interface FastEthernet4
switchport access vlan 5
no ip address
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address <Pub Address 1> 255.255.255.248
ip nat outside
!
interface Vlan3
ip address <Pub Address 2> 255.255.255.240
!
interface Vlan4
ip address <Pub Address 3> 255.255.255.248
!
interface Vlan5
ip address <Pub Address 4> 255.255.255.248
!
ip nat inside source list 1 interface Vlan2 overload
ip nat inside source static 192.168.151.3 <Pub Address 5>
ip nat inside source static 192.168.151.4 <Pub Address 6>
ip classless
ip route 0.0.0.0 0.0.0.0 <NHR Address 1>
ip route 10.242.0.0 255.255.0.0 192.168.152.1
ip route 192.168.150.0 255.255.255.0 192.168.152.1
ip route 192.168.151.0 255.255.255.0 192.168.152.1
no ip http server
!
access-list 1 permit any
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq domain
access-list 101 permit tcp any any eq 3101
access-list 101 permit tcp any any eq smtp
access-list 101 permit tcp any any eq pop3
access-list 101 permit tcp any any eq 443
access-list 101 permit tcp any any eq 22
access-list 101 permit tcp any any eq 995
access-list 101 deny tcp any any
access-list 102 deny tcp any eq 445 host 192.168.0.103
access-list 102 permit tcp any any
!
line con 0
line aux 0
line vty 0 4
password #####
login
!
no scheduler allocate
!
end

ByPass_LinkProof#

The Vlans 3 4 and 5 are note used for the momment.

when he router is connecter I can ping an internet ip on the router, but not inside the network.

thanks for your help.
 
Sort by date Sort by votes
so does

10.242.0.0/16
192.168.150.0/24
192.168.151.0/24
192.168.152.0/24

cover all your lan addressing?
and do all your lan devices use 192.168.152.2 or a firewall as their default route? and if a fw does it have 192.168.152.2 as its default route?

try a trace to the station on your lan and see where its getting hung up...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DavidSigma
  • Locked
  • Question
CP7861 problem
Replies
0
Views
118
DavidSigma
DavidSigma
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
403
BIS
BIS
khashyar2021
  • Locked
  • Question
Problem with cisco switch after upgrading
Replies
1
Views
134
Geraldine Souza
Geraldine Souza
inlsp05
  • Locked
  • Question
2811 ios start with cf
Replies
0
Views
93
inlsp05
inlsp05
Collab_Guy
  • Locked
  • Question
Anyone using automation with their CUCM?
Replies
1
Views
103
kyle555
kyle555

Part and Inventory Search

Sponsor

Back
Top