Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cisco 1841 with T1 Hosting Web need help routing Net traffic In to web server

Posted on 2009-05-14
2
Medium Priority
?
333 Views
Last Modified: 2012-05-07
We just transitioned from a DSL internet connection to a T1 and a Cisco router on the T1.  We tested out and got to the Internet and everything is great except that nobody can get into our network.  We have the T1 going into the Cisco 1841 then to a Sonicwall Firewall that does Nat for our external IPs to internal IPs on our 192 internal subnet.
I have only been gleening commands here and there form posts to figure out what to throw on this router up to this point.

Please help us make this right.   So our internal firewall is on the xxx.xxx.9.194 same subnet as the FastEthernet interface  and we want all traffic coming in to that subnet to go to that ethernet subnet.  Eventually I will add restrictions, but the Sonicwall does the job for us at the moment.

Any other suggestions would be appreciated.

Thanks in advance.... hopefully a quick response will get our sites back up.

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router1841
!
boot-start-marker
boot-end-marker
!
enable password password
!
no aaa new-model
!
resource policy
!
ip cef
username user privilege 15 password 0 password
!
!
interface FastEthernet0/0
 description Eth0
 ip address xxx.xxx.9.193 255.255.255.248
 ip nat inside
 speed auto
 half-duplex
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 description TWT1
 ip address xxx.xxx.58.134 255.255.255.252
 ip nat outside
 encapsulation ppp
 service-module t1 timeslots 1-24
 service-module t1 remote-alarm-enable
!
ip route 0.0.0.0 0.0.0.0 xxx.xxx.58.133
ip route xxx.xxx.9.192 255.255.255.248 FastEthernet0/0
!
ip http server
ip http authentication local
ip nat inside source list 1 interface Serial0/0/0 overload
!
!
access-list 1 permit any
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 exec-timeout 90 0
 password password
 login
 transport preferred none
 transport input telnet
!
scheduler allocate 20000 1000
end

Open in new window

0
Comment
Question by:espeterson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 2000 total points
ID: 24391532
Remove NAT and the following route as the Sonicwall is handling NAT.

no ip route xxx.xxx.9.192 255.255.255.248 FastEthernet0/0
no ip nat inside source list 1 interface Serial0/0/0 overload

The rest of the config is fine.  Your ISP will route the xxx.xxx.9.192/29 subnet to your serial interface and the Cisco will then route it to the sonicwall.  No NAT is required.  If you are still unable to communicate to your public IP's on the Sonicwall after removing NAT, call your ISP and make sure they are routing xxx.xxx.9.192/29 to you via xxx.xxx.58.134.
0
 

Author Closing Comment

by:espeterson
ID: 31581712
Thanks a lot, I finally figured out the nat inside was wrong and fixed that and I appreciate the other comments
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a guide to configure bridging on Cisco Routers.  This is something I never knew was possible until after making a few phone calls to Cisco.  Using bridging saved our company money by not requiring us to purchase a new switch.  Bridgi…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question