Solved

cisco 1720 behind a DSL router??

Posted on 2004-09-18
7
343 Views
Last Modified: 2013-11-29
I have a cisco 1720 behind a  DSL Netopia router. I have configured the  1720 as shown below but I am not able to get past my LAn with this. Could you have a look and let me know if I have made a mistake somewhere in my config.The gateway address on my netopia (LAN) side is 192.168.10.254 and the WAN side is 69.152.XX.XX . I have mapped the ethernet0 interface of my 1720 to a public address(I have done this mapping in the DSL router) Thank you for your help.


Current configuration : 919 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname XXXXXX
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$XXXXXXXXXXXX
enable password XXXXXX
!
memory-size iomem 25
no aaa new-model
ip subnet-zero
!
!
!
ip dhcp pool cpe
network 192.168.15.0 255.255.255.0
   dns-server 151.164.XX.XX
   default-router 192.168.15.1
!
ip cef
!
!
!
!
interface Ethernet0
 ip address 192.168.10.10 255.255.255.0
 no ip unreachables
 ip nat outside
 half-duplex
 no cdp enable
!
interface FastEthernet0
 ip address 192.168.15.1 255.255.255.0
 ip nat inside
 speed auto
 no cdp enable
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.10.254
no ip http server
!
access-list 1 permit 192.168.110.0 0.0.0.255
dialer-list 1 protocol ip permit
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 password XXXX
 login
!
end


0
Comment
Question by:aej1973
  • 3
  • 2
  • 2
7 Comments
 
LVL 5

Expert Comment

by:netspec01
ID: 12093663
Looks like you are missing an IP NAT pool.
0
 

Author Comment

by:aej1973
ID: 12093687
Where??
0
 
LVL 5

Expert Comment

by:netspec01
ID: 12093732
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 79

Expert Comment

by:lrmoore
ID: 12093839
you have Ip nat inside, and IP nat outside interfaces, but you don't define the NAT:

add these two lines:

  access-list 2 permit 192.168.15.0 0.0.0.255
  ip nat inside source list 2 interface Ethernet0 overload

0
 
LVL 5

Expert Comment

by:netspec01
ID: 12096088
This is what you need:

1. nat pool defined for PAT
2. NAT inside for inside interface
3. nat outside for outside interface
4. an ACL to define interesting traffic
5. a route for traffic pointing to upstream router

I just tested this on 12.3(9).

interface Ethernet0
 ip address 192.168.10.10 255.255.255.0
 ip nat outside
!
interface FastEthernet0
 ip address 192.168.15.1 255.255.255.0
 ip nat inside  
!
ip route 0.0.0.0 0.0.0.0 192.168.10.254
!
access-list 1 permit 192.168.15.0 0.0.0.255
!
ip nat pool mypool 192.168.10.10 192.168.10.10 netmask 255.255.255.0
Ip nat source list 1 mypool overload
0
 

Author Comment

by:aej1973
ID: 12096609
these are the  changes i made and it still does not seem to be working. Even after I have mapped  ethernet0 to a public IP I am not able to ping it from outside.????

Current configuration : 1089 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Texas_Tunnel
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Pyd0$fMn65blA5ESj/9aYAPiWO/
enable password 73arun
!
memory-size iomem 25
no aaa new-model
ip subnet-zero
!
!
!
ip dhcp pool cpe
 network 192.168.15.0 255.255.255.0
   dns-server 151.164.1.8
   default-router 192.168.15.1
!
ip cef
!
!
!
!
interface Ethernet0
 ip address 192.168.10.10 255.255.255.0
 no ip unreachables
 ip nat outside
 half-duplex
 no cdp enable
!
interface FastEthernet0
 ip address 192.168.15.1 255.255.255.0
 ip nat inside
 speed auto
 no cdp enable
!
ip nat pool mypool 192.168.10.10 192.168.10.10 netmask 255.255.255.0
ip nat inside source list 1 pool nat overload
ip nat inside source list 2 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.10.254
no ip http server
!
access-list 1 permit 192.168.15.0 0.0.0.255
dialer-list 1 protocol ip permit
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 password arun1973
 login
!
end


0
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 12096666
Remove these two lines
 router(config)# no ip nat pool mypool 192.168.10.10 192.168.10.10 netmask 255.255.255.0
 router(config)# no ip nat inside source list 1 pool nat overload

Add this one
  access-list 2 permit 192.168.15.0 0.0.0.255

0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question