Solved

Cisco 1811 - routed subnet behind PPPOE can't reach internet without NAT

Posted on 2013-12-14
6
259 Views
Last Modified: 2015-04-12
Hello,
My ISP recently assigned me a routed subnet - let's call it 206.x.x.104/29 (255.255.255.248). They said that this routed subnet is "behind" the IP that is assigned to me automatically via PPPOE.
When I take one of those usable IPs (like 206.x.x.105), assign it to a VLAN called "206" on the router, and then get my laptop on that VLAN, I can see the router. The router can see me. The router can see the internet. The laptop cannot reach the internet.
I've turned on ip route. I've set the default gateway to use the Dialer1 interface. The PPPoE connects fine, I just can't get the VLAN 206 to see the internet.
Of course, when I enable NAT for the VLAN 206 (set VLAN 206 up for "ip nat inside", and set Dialer1 as "ip nat outside"), the VLAN 206 can see the internet, but nothing on the internet can see VLAN 206 since it's NATed.
Also worth noting: a traceroute from another place on the internet to an IP address in my routed subnet 206.x.x.104/29 never seems to reach my automatically  assigned PPPOE IP. Any good advice out there?1811WorkInProgress.txt
0
Comment
Question by:SPLAT-Tech
  • 3
  • 3
6 Comments
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39719220
Config looks good to me.  Have you tried using:

ip route 0.0.0.0 0.0.0.0 dhcp

instead of...

ip route 0.0.0.0 0.0.0.0 Dialer1

Alternatively, just remove the static default route.  You have the ppp ipcp route default command in the Dialer config so it will inject the route from the PPP session if IPCP negotiation succeeds.
0
 

Author Comment

by:SPLAT-Tech
ID: 39719585
OK - so I hopped into the router and removed the static default route which allowed the router to continue to see the internet (as you said, since the ipcp session comes up), but no internet from laptop still without NAT setup on the router. Also, re-adding the static default route as you suggested, using DHCP instead of Dialer1, gave me the same result.
I'm hoping to get a call from my ISP on Monday to see if this is on their end or not. Thanks craigbeck for the ideas.
My biggest concern: the ISP seems to be saying that the routed subnet is a next-hop after my PPPOE assigned IP, then why do I never see the PPPOE assigned IP in the tracert results? We'll see on Monday...
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39719683
They probably just set the route profile wrong in RADIUS.
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 

Accepted Solution

by:
SPLAT-Tech earned 0 total points
ID: 40711437
After speaking with the ISP ( i got someone that actually new what they were doing) we found out they had a bad route on their end.  They would not disclose the exact nature of the problem but they did fix it and all is good now.
0
 

Author Closing Comment

by:SPLAT-Tech
ID: 40719447
The problem was actually with the ISP
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 40719476
So why was my answer not selected??

craigbeck 2013-12-15 at 10:01:44  ID: 39719683
They probably just set the route profile wrong in RADIUS.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question