We help IT Professionals succeed at work.

configuration problem, help

iamuser
iamuser asked
on
Medium Priority
216 Views
Last Modified: 2010-04-17
I have a router that's connected to a  Cable modem

Ethernet 2 is connceted to a switch. And PC's are connected to the switch, (but now I have a pc connected directly to the Ethernet 2's interface)

Ethernet 1 is connected to the modem

The router is supposed to act as a DHCP server to the clients.


here's the configuration i'm using for DHCP and for my interfaces

IP DHCP excluded-address 10.1.1.1

Ip DHCP pool stations
import all
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1

interface ethernet2
ip address dhcp
ip nat inside
no shut

interface ethernet1
ip address 10.1.1.1 255.255.255.0
ip nat outside
no shut

ip route 0.0.0.0 0.0.0.0 ethernet1

ip nat inside source list 102 interface ethernet1 overload

access-list 102 permit ip 10.1.1.0 0.0.0.255 any

The pc can not get any internet connection.


Comment
Watch Question

Top Expert 2006
Commented:
Your nat inside/outside assignments are backwards.

Remove your default route.  You really shouldn't have routes pointing to broadcast interfaces.  Let the outside DHCP give you a default route.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
What do you mean my nat inside and outside are backwards?

I thought you could use the router as a dhcp server so that you don't have to assign static private ip address to clients. Sort of like DHCP in windows.

Author

Commented:
my ethernet2 connection is to the local lan and ethernet 1 is to the modem. Switching nat assignments would nat the wrong interface.

Would switching the ip address make more sense in this case?

interface ethernet2
ip address dhcp
ip nat inside
no shut

switched to:

interface ethernet2
ip address 10.1.1.1 255.255.255.0
ip nat inside
no shut

ip nat inside source list 102 interface ethernet1 overload

access-list 102 permit ip 10.1.1.0 0.0.0.255 any

But it doesn't look like I'm using the router as a DHCP server to my clients anymore am I? I have the dhcp pool set up but I'm missing more commands right?




and then

interface ethernet1
ip address 10.1.1.1 255.255.255.0
ip nat outside
no shut

to

interface ethernet1
ip address dhcp
ip nat outside
no shut

Top Expert 2006

Commented:
I thought I understood NAT, but maybe you know more than I do.
Don JohnstonInstructor
CERTIFIED EXPERT
Top Expert 2015
Commented:
The interface connected to the cable modem must be defined as an outside NAT interface and the interface connected to your switch has to be an inside NAT interface.

Your original posted config is backwards.

Author

Commented:
my original was this

Ethernet 2 is connceted to a switch. And PC's are connected to the switch, (but now I have a pc connected directly to the Ethernet 2's interface)

Ethernet 1 is connected to the modem


interface ethernet2 --- to switch/pc
ip address dhcp
ip nat inside
no shut

interface ethernet1 -- modem
ip address 10.1.1.1 255.255.255.0
ip nat outside
no shut

so i don't get where i switched them?
You still need a NAT pool eg.

ip nat pool [name of pool] x.x.x.x x.x.x.x net x.x.x.x

the first x's being the first address in the nat pool and the second being the last address of the nat pool and the third set of x's being the subnet mask of the nat pool.

For instance if the static IP of your modem is 71.41.159.130/30 which would have a netmask of 255.255.255.252 than your nat pool statement would be:

ip nat pool iamuser 71.41.159.130 71.41.159.130 net 255.255.255.252

Also add the source statement:

ip nat inside source list 1 pool iamuser overload

---> overload tells nat to map all inside addresses to the one outside address.

Make sure your interface IP's are correct. Is your ISP assigning you 10.1.1.1/24? I dont think so... You may need to assign E1 the IP from your ISP or You may not want to assign the interfaces any IP but do put a route statement in to tell all packets destined to the internet to leave the router at interface E1.

Also do a

ROUTER# sh ip nat translation

to see if its doing any natting at all.

and try a

ROUTER# clear ip nat translation *

to clear out your nat table.

I hope it helps.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.