Options
Configuration Assistance Needed
peanutnoggin
Member Posts: 1,096 ■■■□□□□□□□
in CCNA & CCENT
Hi TE Forums,
I unfortunately do not have my config to post at this time, but any assistance or guidance is greatly appreciated.
I'm currently practicing for my CCNA with a lab at my job. I have 4 routers connected via PVC to a central Frame Relay Switch. Each router serves as their own network.
On one network I have a router with a FastEthernet 0/0 port with 5 subinterfaces. Each subif is properly encapsulated with dot1q and they correspond to the vlans on a connected switch. I can currently hit all networks that are being advertised from the other routers via OSPF with any client in any VLAN. I setup NAT and then my problems begin.
From the Router's FE interface, I created an additional subif with an ip of 192.168.100.1 to act as my inside nat interface using: ip nat inside. I then setup a standard access list:
access-list 1 permit 192.168.100.0
access-list 1 permit any
I first setup my: ip nat pool PUBLIC_IP 123.123.123.5 123.123.123.5 netmask 255.255.255.0
I next setup my: ip nat inside source list 1 pool PUBLIC_IP overload
On my serial interface connecting to the Frame Relay Cloud, my ip is: 123.123.123.5. I set that interface as my outside using: ip nat outside
If I perform an extended ping and change my source address to the router's subif (192.168.100.1) I can ping any network that is seen in OSPF. I can also perform a:
sh ip nat translation and see the translation take place. I also have debug ip nat running to see the translations as they take place.
If I plug a client into the vlan that is being routed by subif with 192.168.100.1 address, I can only ping local networks to the router but not outside of the router. It also will not even attempt to translate the ip address into a public one.
I tried adding in a default route on the router sending all traffic that was unknown to the Serial interface connecting to the Frame Relay Cloud. Any assistance would be greatly appreciated. When I get a chance, I will post the configs & routing table.
Thanks.
Peanut Head
I unfortunately do not have my config to post at this time, but any assistance or guidance is greatly appreciated.
I'm currently practicing for my CCNA with a lab at my job. I have 4 routers connected via PVC to a central Frame Relay Switch. Each router serves as their own network.
On one network I have a router with a FastEthernet 0/0 port with 5 subinterfaces. Each subif is properly encapsulated with dot1q and they correspond to the vlans on a connected switch. I can currently hit all networks that are being advertised from the other routers via OSPF with any client in any VLAN. I setup NAT and then my problems begin.
From the Router's FE interface, I created an additional subif with an ip of 192.168.100.1 to act as my inside nat interface using: ip nat inside. I then setup a standard access list:
access-list 1 permit 192.168.100.0
access-list 1 permit any
I first setup my: ip nat pool PUBLIC_IP 123.123.123.5 123.123.123.5 netmask 255.255.255.0
I next setup my: ip nat inside source list 1 pool PUBLIC_IP overload
On my serial interface connecting to the Frame Relay Cloud, my ip is: 123.123.123.5. I set that interface as my outside using: ip nat outside
If I perform an extended ping and change my source address to the router's subif (192.168.100.1) I can ping any network that is seen in OSPF. I can also perform a:
sh ip nat translation and see the translation take place. I also have debug ip nat running to see the translations as they take place.
If I plug a client into the vlan that is being routed by subif with 192.168.100.1 address, I can only ping local networks to the router but not outside of the router. It also will not even attempt to translate the ip address into a public one.
I tried adding in a default route on the router sending all traffic that was unknown to the Serial interface connecting to the Frame Relay Cloud. Any assistance would be greatly appreciated. When I get a chance, I will post the configs & routing table.
Thanks.
Peanut Head
We cannot have a superior democracy with an inferior education system!
-Mayor Cory Booker
-Mayor Cory Booker
Comments
-
Optionsjmc012
Member Posts: 134
peanutnoggin wrote: »Hi TE Forums,
I unfortunately do not have my config to post at this time, but any assistance or guidance is greatly appreciated.
I'm currently practicing for my CCNA with a lab at my job. I have 4 routers connected via PVC to a central Frame Relay Switch. Each router serves as their own network.
On one network I have a router with a FastEthernet 0/0 port with 5 subinterfaces. Each subif is properly encapsulated with dot1q and they correspond to the vlans on a connected switch. I can currently hit all networks that are being advertised from the other routers via OSPF with any client in any VLAN. I setup NAT and then my problems begin.
From the Router's FE interface, I created an additional subif with an ip of 192.168.100.1 to act as my inside nat interface using: ip nat inside. I then setup a standard access list:
access-list 1 permit 192.168.100.0
access-list 1 permit any
I first setup my: ip nat pool PUBLIC_IP 123.123.123.5 123.123.123.5 netmask 255.255.255.0
I next setup my: ip nat inside source list 1 pool PUBLIC_IP overload
On my serial interface connecting to the Frame Relay Cloud, my ip is: 123.123.123.5. I set that interface as my outside using: ip nat outside
If I perform an extended ping and change my source address to the router's subif (192.168.100.1) I can ping any network that is seen in OSPF. I can also perform a:
sh ip nat translation and see the translation take place. I also have debug ip nat running to see the translations as they take place.
If I plug a client into the vlan that is being routed by subif with 192.168.100.1 address, I can only ping local networks to the router but not outside of the router. It also will not even attempt to translate the ip address into a public one.
I tried adding in a default route on the router sending all traffic that was unknown to the Serial interface connecting to the Frame Relay Cloud. Any assistance would be greatly appreciated. When I get a chance, I will post the configs & routing table.
Thanks.
Peanut Head
A couple things that come to mind, why would you set up a pool when you are using the ip address of the serial interface? I would do something more like this
ip nat inside source list 1 interface serial0/1 overload, also your access list is permitting everything, I wouldn't use the "permit any" statement.
I'm just learning also so I'm no expert.