Is this a NAT issue?

Posted on 2007-03-23
Last Modified: 2010-03-18
I know there's someone here that can help me with this. I have a problem with a lab I'm trying to set up. Here's how I have it set up:

I have a Cisco 2600 router as my WAN router (connected to my ISP through a cable modem). The cable modem is connected to the fastethernet 0/0 port on my router.

The fastethernet 0/1 port on the router is connected to a pair of trunked Cisco 3512 switches. All ports on both switches are running on VLAN 2. There are 2 PCs and 1 server connected to ports on either of the 3512 switches.

The 2600 router has full connectivity to every device in my LAN and to the ISP default gateway. There's nothing this router can't ping on my LAN. I've also successfully pinged a few different DNS servers just to make sure my router can reach the internet. So the problem I'm having is definitely with the 2600 router.

My LAN IP scheme is 10.2.2.x I have a static route on my router and is the following:
ip route f0/0
(so I'm telling my router to forward packets with any IP and mask to f0/0 which takes them to the internet.)

I also put a static route in (which I'm not sure is necessary), which was:
ip route f0/1

The PC I'm on to test the network is connected to one of the 3500 switches. The PC I'm on can also ping all devices on my LAN. The PC can also ping the WAN interface (f0/0) on the 2600 router.

Problem is, I can't ping my ISP default gateway from my PC!! As a result, I have no internet access from my PCs. The ONLY device that can communicate with the internet is my 2600 router.

I believe the problem has something to do with NAT. I was not able to find any NAT settings on my 2600 router. A few questions:
-Is my 2600 router capable of acting as my edge router? How can I determine this?
-Do I need to configure NAT to get this setup to work?
-If the solution is not NAT, what could be the problem?
Question by:COE-IT
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3

Expert Comment

ID: 18783303
Yes, most likely, your IP's will not flow accross your cable ISP.
Your ISP probably has a public IP address that you need to assign to the outside of your router, or you need your router to obtain this IP thrugh DHCP.  Then you need to nat the inside network to this IP address.

Expert Comment

ID: 18783383
If you need router commands you might try these.  To be honest, I'm much better NATing with a pix and don't really know the router Nat commands.

Router#conf t
Router(config)#int f0/1
Router(config-if)#ip nat inside   //this is to your trusted network - LAN
Router(config-if)#int f0/0
Router(config-if)#ip nat out       //this is to untrusted network - WAN
Router(config)#access-list 1 permit
Router(config)#ip nat inside source list 1 interface fast0/0 overload

Hope this helps

Author Comment

ID: 18785606
Thanks, I don't think my router supports NAT but I'll try these commands

Accepted Solution

brasslan earned 125 total points
ID: 18786319
I don't know of a Cisco router that doesn't support nat.

If those nat commands don't help, and if no one else posts for a day or two, I would post another question asking how to setup nat on your router.  Also include your IOS version, and if you post your router config someone will give you the commands that you need for your situation.

Featured Post

Webinar: MongoDB® Index Types

Join Percona’s Senior Technical Services Engineer, Adamo Tonete as he presents “MongoDB Index Types, How, When and Where Should They be Used?” on Wednesday, July 12, 2017 at 11:00 am PDT / 2:00 pm EDT (UTC-7).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question