Solved

configuration problem, help

Posted on 2006-10-30
7
197 Views
Last Modified: 2010-04-17
I have a router that's connected to a  Cable modem

Ethernet 2 is connceted to a switch. And PC's are connected to the switch, (but now I have a pc connected directly to the Ethernet 2's interface)

Ethernet 1 is connected to the modem

The router is supposed to act as a DHCP server to the clients.


here's the configuration i'm using for DHCP and for my interfaces

IP DHCP excluded-address 10.1.1.1

Ip DHCP pool stations
import all
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1

interface ethernet2
ip address dhcp
ip nat inside
no shut

interface ethernet1
ip address 10.1.1.1 255.255.255.0
ip nat outside
no shut

ip route 0.0.0.0 0.0.0.0 ethernet1

ip nat inside source list 102 interface ethernet1 overload

access-list 102 permit ip 10.1.1.0 0.0.0.255 any

The pc can not get any internet connection.


0
Comment
Question by:iamuser
7 Comments
 
LVL 12

Assisted Solution

by:pjtemplin
pjtemplin earned 50 total points
ID: 17834012
Your nat inside/outside assignments are backwards.

Remove your default route.  You really shouldn't have routes pointing to broadcast interfaces.  Let the outside DHCP give you a default route.
0
 

Author Comment

by:iamuser
ID: 17834184
What do you mean my nat inside and outside are backwards?

I thought you could use the router as a dhcp server so that you don't have to assign static private ip address to clients. Sort of like DHCP in windows.

0
 

Author Comment

by:iamuser
ID: 17834384
my ethernet2 connection is to the local lan and ethernet 1 is to the modem. Switching nat assignments would nat the wrong interface.

Would switching the ip address make more sense in this case?

interface ethernet2
ip address dhcp
ip nat inside
no shut

switched to:

interface ethernet2
ip address 10.1.1.1 255.255.255.0
ip nat inside
no shut

ip nat inside source list 102 interface ethernet1 overload

access-list 102 permit ip 10.1.1.0 0.0.0.255 any

But it doesn't look like I'm using the router as a DHCP server to my clients anymore am I? I have the dhcp pool set up but I'm missing more commands right?




and then

interface ethernet1
ip address 10.1.1.1 255.255.255.0
ip nat outside
no shut

to

interface ethernet1
ip address dhcp
ip nat outside
no shut

0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 12

Expert Comment

by:pjtemplin
ID: 17835398
I thought I understood NAT, but maybe you know more than I do.
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 100 total points
ID: 17835463
The interface connected to the cable modem must be defined as an outside NAT interface and the interface connected to your switch has to be an inside NAT interface.

Your original posted config is backwards.
0
 

Author Comment

by:iamuser
ID: 17835590
my original was this

Ethernet 2 is connceted to a switch. And PC's are connected to the switch, (but now I have a pc connected directly to the Ethernet 2's interface)

Ethernet 1 is connected to the modem


interface ethernet2 --- to switch/pc
ip address dhcp
ip nat inside
no shut

interface ethernet1 -- modem
ip address 10.1.1.1 255.255.255.0
ip nat outside
no shut

so i don't get where i switched them?
0
 
LVL 1

Accepted Solution

by:
rrobbinstx earned 250 total points
ID: 17839797
You still need a NAT pool eg.

ip nat pool [name of pool] x.x.x.x x.x.x.x net x.x.x.x

the first x's being the first address in the nat pool and the second being the last address of the nat pool and the third set of x's being the subnet mask of the nat pool.

For instance if the static IP of your modem is 71.41.159.130/30 which would have a netmask of 255.255.255.252 than your nat pool statement would be:

ip nat pool iamuser 71.41.159.130 71.41.159.130 net 255.255.255.252

Also add the source statement:

ip nat inside source list 1 pool iamuser overload

---> overload tells nat to map all inside addresses to the one outside address.

Make sure your interface IP's are correct. Is your ISP assigning you 10.1.1.1/24? I dont think so... You may need to assign E1 the IP from your ISP or You may not want to assign the interfaces any IP but do put a route statement in to tell all packets destined to the internet to leave the router at interface E1.

Also do a

ROUTER# sh ip nat translation

to see if its doing any natting at all.

and try a

ROUTER# clear ip nat translation *

to clear out your nat table.

I hope it helps.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now