NAT Problem!

dipokdipok Member Posts: 11 ■□□□□□□□□□
I have a 2600 router. The topology is like:

Pc===========Router2600=========Dlink Switch=========router2=====Internet



Pc IP: 192.168.100.2/24
Router Inside: 192.168.100.1/24
Router outside:192.168.44.64/24


Router(2) inside: 192.168.44.1/24
DNS: 202.125.148.204



Now, I am trying to implement NAT on the 2600 router. The configuration is as following:


Current configuration : 989 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname test
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$IBy2$G5/IpqWTsKf3Zy.Ygq5/g/
enable password 123456
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
no ip routing
no ip cef
!
interface FastEthernet0/0
ip address 192.168.44.64 255.255.255.0
ip nat outside
no ip route-cache
speed auto
full-duplex
!
interface FastEthernet0/1
ip address 192.168.100.1 255.255.255.0
ip nat inside
no ip route-cache
speed auto
full-duplex

!
ip nat inside source list 1 interface FastEthernet0/1 overload
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.44.1
!
!
access-list 1 permit 192.168.100.0 0.0.0.255
!
snmp-server community test RO
snmp-server enable traps tty
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
password 123456
login
!
!
!
end

test#


Now, after this configuration, from the pc i can ping the router's outside interface(192.168.44.64). But, i cant not reach to the second router's inside interface (192.168.44.1) and so the DNS (internet). From the router's console, i can reach to the DNS.

Now, what else should I do to get the nat running.

Thank you.

Comments

  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    Looks liek your nat rule is translating the addresses to the inside interface and that isn't going to work, change your rule to use the fastethernet0/0 instead of fa0/1
    The only easy day was yesterday!
  • dipokdipok Member Posts: 11 ■□□□□□□□□□
    thanks.

    I am gonna try this tomorrow. Well, do you think that my rest of the configuration are ok and complete? Or I have to add something to get it going?
  • dipokdipok Member Posts: 11 ■□□□□□□□□□
    I changed it according to this. However, result is the same. Still I cant ping my router2 inside interface which is my current gateway for my network.


    ip nat inside source list 1 interface FastEthernet0/0 overload
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    Did you remove the old one?
    The only easy day was yesterday!
  • APAAPA Member Posts: 959
    Dude....

    You have not enabled ip routing!!!!

    Have a look at your config... 'no ip routing' this command will prevent the router from doing any sort of routing......
    dipok wrote:

    enable secret 5 $1$IBy2$G5/IpqWTsKf3Zy.Ygq5/g/
    enable password 123456
    !
    no network-clock-participate slot 1
    no network-clock-participate wic 0
    no aaa new-model
    ip subnet-zero
    no ip routing
    no ip cef

    In global config mode please type 'ip routing' then try ping the gateway from the PC

    Remember to save the config once you have successfully entered the command....

    Odd to see the no ip routing command on a 2600 series router... I don't believe I have seen that before normally only on Multi-Layer switches...

    Let me know how you go

    BTW... Ensure you fix up your NAT statement as well and as dtlokee said ensure you removed the old NAT statement that was incorrect

    :D

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP
  • hectorjhrdzhectorjhrdz Member Posts: 127
    nice observation

    I just did look at the nat config but the other lines.





    cheers
  • dipokdipok Member Posts: 11 ■□□□□□□□□□
    Thanks everyone, my nat is working now. The mistake i did was i did not enable IP Routing. After enable, its working just fine.


    By the way, when I faced problem then I went trough a lot of Tutorials including the cisco one on the net. I found one thing strange, that is this important command is missing everywhere. For someone new like me its not good.

    Anyway, thanks for all your comments which guided me a lot.
  • joshgibson82joshgibson82 Member Posts: 80 ■■□□□□□□□□
    Can I just ask why you would want to NAT on Router 1 and not on Router 2? Router 2 has your public facing IP address correct? Why not just route between R1 and R2 instead of doing the NAT? Is this just a "see if i can do it" type thing?

    Thanks!
    Josh, CCNP CWNA
  • dipokdipok Member Posts: 11 ■□□□□□□□□□
    Is this just a "see if i can do it" type thing?

    Thanks!

    not only for that. This is a more private (!) issue. Infact, i need one more network inside, where the already nated ip need further nating. Yes, indeed i need it.

    I just have one ip, but i need several devices to play within a network owned by me.

    However, thanks everyone.
Sign In or Register to comment.