Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Cisco 1721 NAT Problem

Posted on 2006-10-20
3
934 Views
Last Modified: 2008-02-01
I am trying to configure a Cisco 1721 router with a ethernet WIC card to do PPPOE with the DSL modem in bridge mode. We have one public IP that the ISP will give us the same just like a static, enabling us to use our VPN connection. I'm not sure if I have the NAT configured correctly. Could someone check out my config to make sure everthing is O.K. I want to be able to go onsite knowing my config is O.K., since the site is about 6 hours away. Thanks!


Current configuration : 2303 bytes
!
version 12.4
service tcp-keepalives-in
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname xxxxxxxxxxxx
!
boot-start-marker
boot-end-marker
!
enable password 7 xxxxxxxxxxxxxxx
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip cef
!
!
no ip dhcp use vrf connected
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.28.1 192.168.28.199
!
ip dhcp pool CLIENT
   import all
   network 192.168.28.0 255.255.255.0
   default-router 192.168.28.1
   dns-server x.x.x.x x.x.x.x
!
!
no ip ips deny-action ips-interface
vpdn enable
vpdn ip udp ignore checksum
!
vpdn-group ppoe
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto isakmp policy 10
 hash md5
 authentication pre-share
crypto isakmp key xxxxxxxxx address x.x.x.x
!
!
crypto ipsec transform-set strong esp-des esp-md5-hmac
!
crypto map headquarters 10 ipsec-isakmp
 set peer x.x.x.x
 set transform-set strong
 match address 110
!
!
!
!
interface Ethernet0
 no ip address
 ip nat outside
 ip virtual-reassembly
 full-duplex
 pppoe enable
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface FastEthernet0
 ip address 192.168.28.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 no ip mroute-cache
 speed 100
 full-duplex
 no cdp enable
!
interface Dialer1
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication pap callin
 ppp pap sent-username xxxxxxxxxxx password 7 xxxxxxxxxxxx
 crypto map headquarters
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
no ip http server
no ip http secure-server
ip nat inside source route-map nonat interface Dialer1 overload
!
access-list 110 permit ip 192.168.28.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 130 deny   ip 192.168.28.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 130 permit ip 192.168.28.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
route-map nonat permit 10
 match ip address 130
!
!
control-plane
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 password 7 xxxxxxxxxxxxxxxx
 login
!
end

xxxxxxxxx#
0
Comment
Question by:NascarFan3
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 17781238
I don't see any glaring problems with it. It should work fine.
0
 

Author Comment

by:NascarFan3
ID: 17792844
Thanks everything worked!!!!!
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17793304
Good job!
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question