Options
NAT oveload on THREE interfaces??
fonestar1978
Banned Posts: 55 ■■□□□□□□□□
in CCNA & CCENT
Hi there, I am getting ready for my CCNA course starting in January. I already have the CCENT so I feel a little dumb having this problem but here goes.
I have a Cisco 2600 receiving DHCP address to e0/1 (going thru a wireless bridge)
A Cisco 2500 connected to the 2600 via Serial0
and an XP machine connected to the 2600
the 2500 is on network 192.168.3.0 on s0/0
the XP (connected to the 2600) 192.168.2.0 on e0/0
the wireless bridge is DHCP'd (to the 2600) at 192.168.1.0 on e0/1
The XP machine can get onto the internet thru the 2600, it can also ping the 2500 (192.168.3.2).
The Cisco 2600 can ping the public internet, the 2500 and the XP machine.
The Cisco 2500 can ping the XP machine, and both e0/0 and s0/0 on the 2600.
The Cisco 2500 can NOT make the gateway (192.168.1.1) or the public internet.
Debug on the 2600 doesn't even show a request for the address.
I have tried configuring the 2600 with a static route for the 2500 and it still doesn't work ie:
ip route 192.168.3.0 0.0.0.255 e0/1
When I tried configuring the s0/0 interface of the 2600 to use ip nat outside it just hangs. Can I configure both Ethernet interfaces of the 2600 to use PAT?? And the e0/1 interface to overload both? Any ideas are much appreciated as I've been Googling alot over the last three days, everything just gives and example of one Ethernet interface using PAT and thru to a Modem. Doesn't deal with a second router or interface!
Thanks in advance!!
I have a Cisco 2600 receiving DHCP address to e0/1 (going thru a wireless bridge)
A Cisco 2500 connected to the 2600 via Serial0
and an XP machine connected to the 2600
the 2500 is on network 192.168.3.0 on s0/0
the XP (connected to the 2600) 192.168.2.0 on e0/0
the wireless bridge is DHCP'd (to the 2600) at 192.168.1.0 on e0/1
The XP machine can get onto the internet thru the 2600, it can also ping the 2500 (192.168.3.2).
The Cisco 2600 can ping the public internet, the 2500 and the XP machine.
The Cisco 2500 can ping the XP machine, and both e0/0 and s0/0 on the 2600.
The Cisco 2500 can NOT make the gateway (192.168.1.1) or the public internet.
Debug on the 2600 doesn't even show a request for the address.
I have tried configuring the 2600 with a static route for the 2500 and it still doesn't work ie:
ip route 192.168.3.0 0.0.0.255 e0/1
When I tried configuring the s0/0 interface of the 2600 to use ip nat outside it just hangs. Can I configure both Ethernet interfaces of the 2600 to use PAT?? And the e0/1 interface to overload both? Any ideas are much appreciated as I've been Googling alot over the last three days, everything just gives and example of one Ethernet interface using PAT and thru to a Modem. Doesn't deal with a second router or interface!
Thanks in advance!!
Comments
-
Options
dtlokee
Member Posts: 2,378 ■■■■□□□□□□
I don't fully understand your scenario but you can use multiple nat inside and a single NAT outside interface.interface eth0/0 ip nat inside ip address 192.168.1.1 255.255.255.0 interface eth0/1 ip nat inside ip address 192.168.2.1 255.255.255.0 int serial 0/0 ip nat outside ip address 10.10.10.1 255.255.255.0 access-list 10 permit 192.168.1.0 0.0.0.255 access-list 10 permit 192.168.2.0 0.0.0.255 ip nat inside source list 10 interface serial 0/0 overload
That should get you going. Also your static rout example won't work, you used a wildcard mask and it requires a subnet mask. Additionally you would not want to use an exit interface that is a Ethernet interface, you should put the IP address of the next hop router.The only easy day was yesterday! -
Optionsfonestar1978
Banned Posts: 55 ■■□□□□□□□□
Thanks that helped half of it!!
The Cisco 2500 can now ping 192.168.1.1 through the 2600. It still cannot ping URL's or ip addresses. I think this may be a DHCP issue now as the Default Router (WRT54G running dd-wrt White Russian 2.4) is configured to hand out DHCP addresses.
Or else it's a NAT issue on the 2500 or 2600.
I don't think the s0 interface of the 2500 should need to perform *any* NAT if it is directly connected to the 2600 and the 2600 is already performing NAT? Does that sound right??
Thanks,