- Posts: 2
- Thank you received: 0
Need help on NAT
14 years 2 months ago #35381
by mzauti
Need help on NAT was created by mzauti
Hi there,
I just bought a used unit of Cisco 837 Router. I tried to configured so all computers behind my LAN will be able to share Internet.
I have read the tutorial on Natting from this website but still unable to get it work.
Below is my sh run output.
i have no problem to ping google.com from the router and the router/computer can ping each other.
Current configuration : 2878 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Southgate
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable password XXXXXXX
!
username XXXXX privilege 15 password 0 XXXXXXX
no aaa new-model
ip subnet-zero
ip name-server 208.67.222.222
!
ip dhcp pool pool1
network 10.1.201.0 255.255.255.0
domain-name explorer
dns-server 208.67.222.222
default-router 10.1.201.1
!
!
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip audit notify log
ip audit po max-events 100
ip ssh break-string
no ftp-server write-enable
!
!
!
no crypto isakmp enable
!
!
!
!
interface Ethernet0
description $FW_INSIDE$$ETH-LAN$
ip address 10.1.201.1 255.255.255.0
ip nat inside
ip tcp adjust-mss 1412
hold-queue 100 out
!
interface ATM0
no ip address
ip nat outside
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
shutdown
!
interface ATM0.2 point-to-point
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
ip mtu 1452
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname XXXXX@XXXXXXX
ppp chap password 0 XXXXXX
ppp pap sent-username XXXXX@XXXXXXX password 0 XXXXXX
!
ip nat inside source list 100 pool Internet
ip classless
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
ip access-list extended sdm_dialer1_in
remark SDM_ACL Category=1
remark permit out any ICMP
permit icmp any any
remark permit out any UDP
permit udp any any
remark permit out any IP
permit ip any any
remark permit out any TCP
permit tcp any any
ip access-list extended sdm_ethernet0_in
remark SDM_ACL Category=1
remark permit out any TCP
permit tcp any any
remark permit out any ICMP
permit icmp any any
remark permit out any UDP
permit udp any any
remark permit out any IP
In the tutorial, stated a Internet with static IP, but my situation here is i'm using dynamic IP. below is the ip nat pool setting on my router.
#ip nat pool Internet 0.0.0.0 0.0.0.0 netmask 255.255.255.255
is the cause the problem?
I just bought a used unit of Cisco 837 Router. I tried to configured so all computers behind my LAN will be able to share Internet.
I have read the tutorial on Natting from this website but still unable to get it work.
Below is my sh run output.
i have no problem to ping google.com from the router and the router/computer can ping each other.
Current configuration : 2878 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Southgate
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable password XXXXXXX
!
username XXXXX privilege 15 password 0 XXXXXXX
no aaa new-model
ip subnet-zero
ip name-server 208.67.222.222
!
ip dhcp pool pool1
network 10.1.201.0 255.255.255.0
domain-name explorer
dns-server 208.67.222.222
default-router 10.1.201.1
!
!
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip audit notify log
ip audit po max-events 100
ip ssh break-string
no ftp-server write-enable
!
!
!
no crypto isakmp enable
!
!
!
!
interface Ethernet0
description $FW_INSIDE$$ETH-LAN$
ip address 10.1.201.1 255.255.255.0
ip nat inside
ip tcp adjust-mss 1412
hold-queue 100 out
!
interface ATM0
no ip address
ip nat outside
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
shutdown
!
interface ATM0.2 point-to-point
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
ip mtu 1452
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname XXXXX@XXXXXXX
ppp chap password 0 XXXXXX
ppp pap sent-username XXXXX@XXXXXXX password 0 XXXXXX
!
ip nat inside source list 100 pool Internet
ip classless
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
ip access-list extended sdm_dialer1_in
remark SDM_ACL Category=1
remark permit out any ICMP
permit icmp any any
remark permit out any UDP
permit udp any any
remark permit out any IP
permit ip any any
remark permit out any TCP
permit tcp any any
ip access-list extended sdm_ethernet0_in
remark SDM_ACL Category=1
remark permit out any TCP
permit tcp any any
remark permit out any ICMP
permit icmp any any
remark permit out any UDP
permit udp any any
remark permit out any IP
In the tutorial, stated a Internet with static IP, but my situation here is i'm using dynamic IP. below is the ip nat pool setting on my router.
#ip nat pool Internet 0.0.0.0 0.0.0.0 netmask 255.255.255.255
is the cause the problem?
14 years 2 months ago #35397
by KiLLaBeE
Replied by KiLLaBeE on topic Re: Need help on NAT
Get rid of this in global configuration mode:
ip nat inside source list 100 pool Internet
Stick these in global configuration mode:
ip access-list standard 100 permit ip 0.0.0.0 0.0.0.0 any
ip nat inside source list 100 interface atm0.2 overload
See if you can stick this command in the ATM0.2 subinterface:
ip address dhcp
Just to clarify, you're connecting to the Internet with an ATM interface?
If this doesn't work, then I recommend doing a 'wr erase' and reload the router so you can start from scratch. There seems to be a lot of config in it from whoever the previous owner was.
Also, if you can't input the 'ip address dhcp' command in ATM0.2 subinterface, it may be that just the IOS on the router doesn't support that command, but see if you can play with it by using the ? and tab to see if it's called something else.
ip nat inside source list 100 pool Internet
Stick these in global configuration mode:
ip access-list standard 100 permit ip 0.0.0.0 0.0.0.0 any
ip nat inside source list 100 interface atm0.2 overload
See if you can stick this command in the ATM0.2 subinterface:
ip address dhcp
Just to clarify, you're connecting to the Internet with an ATM interface?
If this doesn't work, then I recommend doing a 'wr erase' and reload the router so you can start from scratch. There seems to be a lot of config in it from whoever the previous owner was.
Also, if you can't input the 'ip address dhcp' command in ATM0.2 subinterface, it may be that just the IOS on the router doesn't support that command, but see if you can play with it by using the ? and tab to see if it's called something else.
14 years 2 months ago #35398
by mzauti
Replied by mzauti on topic Re: Need help on NAT
Hi KiLLaBeE
Thank for assisting me. actually, i managed to make my LAN to access Internet after read cisco 827 doc. Even some command doesn't make sense to me yet.
thank,
Thank for assisting me. actually, i managed to make my LAN to access Internet after read cisco 827 doc. Even some command doesn't make sense to me yet.
thank,
Time to create page: 0.117 seconds