We help IT Professionals succeed at work.

IP NAT with DHCP

Rich4U
Rich4U asked
on
Medium Priority
382 Views
Last Modified: 2010-04-17
Hello,
I am trying to get my 2 computers to use NAT which are connected to a LAN Hub which is connected to a cisco 2621
router. The router had dual fastethernet ports 0/0 and 0/1
I set my port 0/0 to recieve DHCP from my cable modem. What Are some specific commands to get these 2 computers to the internet? I went to the cisco site, but it did not help. I read about how to get a bunch of local address to use one global address, but then in the config they ask you for a list of global addresses, which doesn't make sense because the whole topic is about using one global address, so I dont know why in their config sample it asks for a list of global addresses. I dont have an access list set on the router either. Does it matter if I have an access list or not? Any Help would be greatly appreciated.

Thank You
Comment
Watch Question

Les MooreSr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008

Commented:
Can you post your config? We'll start with what you have and add what you need...

router>enable
router#sho config

Author

Commented:
All I have so far is:

Fastethernet 0/0
ip dhcp
speed auto
duplex auto
Sr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008
Commented:
OK, I have to make some assumptions here to get started.
1. Fastethernet 0/1 is connected to your LAN hub
2. Fastethernet 0/0 is connected to your cable modem
3. You want the router to be a DHCP server for your inside machines
4. You get only one IP address dynamically from your ISP
5. You are not using a loghost/snmp network management station
6. You are not running Firewall IOS
7. You are getting an IP address from the cable ISP ("show interface Fast 0/0" to see)


*almost* complete config:

service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname MYROUTER
!
logging buffered 4096 debugging
!
!
ip subnet-zero
!

# OMIT THESE LINES if you have an internal DHCP server
ip dhcp pool POOL
   network 192.168.1.0 255.255.255.255
   default-router 192.168.1.1
   dns-server 198.6.1.2
   lease infinite
!
# /OMIT
!
!
!
interface FastEthernet0/0
 ip dhcp
 speed auto
 duplex auto
 ip nat outside
!
interface FastEthernet 0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
!
ip nat inside source list 1 interface FastEthernet 0/0 overload
!
access-list 1 permit 192.168.1.0 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet 0/0
no ip http server
!
line con 0
 transport input none
line aux 0
line vty 0 4
 password cisco
!
end

MYROUTER#

Author

Commented:
Ok, We seem to be miscommunicating. I have DHCP from my cable modem to faste0/0. I recieve an IP address from my ISP. Now I have 2 PC's that I would like to use for this 1 IP address I recieve from my ISP. I do not want my router to act as a DHCP server. I just want to assign my PC's a local private ip address such as 192.168.1.2 and 192.168.1.3 and the gateway as 192.168.1.1 which is faste0/1 on the router. Now I have it now as:

Faste0/0
IP dhcp
ip nat outside
(this port is directly connected to cable modem)

Faste0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
(this port is dircetly connected to a hub)

PC 1
192.168.1.2
(directly connect to Hub)
Cannot ping gateway 192.168.1.1 (request timed out)

PC 2
192.168.1.3
(directly connected to Hub)
Cannot ping gateway 192.168.1.1 (request timed out)

Commented:
What happens if you do a "show interface fastethernet 0/1"?  Does it show the interface as being up?  

Les MooreSr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008

Commented:
We're not miscommunicating at all...
You still need all the configurations I provided to setup your NAT and routing...

If you use this command:

router> show ip interface brief

Does any interface show up as "administratively down"?
Do you get an IP address for fast 0/0?

If so,
router(config)#interface fast 0/0
router(config-if)# no shut
router(config-if)#interface fast 0/1
router(config-if)# no shut

Now with "sho ip interface brief" you should see Status up/protocol up

Now you should be able to ping the workstations from the router...


Author

Commented:
Its working Now,

But the connection is very slow, what can be done to tweak it?

Author

Commented:
Nevermind the connection is OK.

Thank you again

Author

Commented:
You the Man!!!!!
Les MooreSr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008

Commented:
Now, when you want to add security access-list to this, let me know....

Author

Commented:
How come I cannot ping anything when I telnet to the router?

I have an fxs card in it and I want to place a call via IP, but I cannot ping my gateway from the router. I can ping it from my PC though.

Author

Commented:
Yes,  How can I implement that access-list to prevent myself from being hacked?

Explore More ContentExplore courses, solutions, and other research materials related to this topic.