Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6881
Views
0
Helpful
1
Replies

Problems with NAT configuration

z0mmer3131
Level 1
Level 1

‎04-17-2014 04:48 PM

Hello,

Could you please help me. I just received 2911 router and I have problems with configuring NAT on it. I want to connect port GE0/1 to office LAN with internet and I set up the interface "ip dhcp" so it could catch IP address from another router with internet access. GE0/2 goes to LAN without internet. I want to connect LAN from GE0/2 to LAN GE0/1 with internet, but NAT doesnt work. Could you please tell me what is the problem?

Below copied show run

Thank you

Current configuration : 6026 bytes

!

! Last configuration change at 23:23:33 UTC Thu Apr 17 2014 by admin

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname OMRouter

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

!

no aaa new-model

!

ip cef

!

!

!

ip dhcp excluded-address 10.10.10.1

ip dhcp excluded-address 192.168.1.1 192.168.1.10

ip dhcp excluded-address 192.168.3.1 192.168.3.10

!

ip dhcp pool ccp-pool

import all

network 10.10.10.0 255.255.255.248

default-router 10.10.10.1

lease 0 2

!

ip dhcp pool DHCP_POOL

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

dns-server 192.168.2.1

domain-name OmniaLocal1

!

ip dhcp pool DHCP_Pool_GE0/0

network 192.168.3.0 255.255.255.0

default-router 192.168.3.1

dns-server 192.168.3.1

!

!

default-router 192.168.1.1

dns-server 192.168.2.1

domain-name OmniaLocal1

!

ip dhcp pool DHCP_Pool_GE0/0

network 192.168.3.0 255.255.255.0

default-router 192.168.3.1

dns-server 192.168.3.1

!

!

!

no ip domain lookup

ip domain name yourdomain.com

no ipv6 cef

multilink bundle-name authenticated

!        

!        

!        

crypto pki trustpoint TP-self-signed-3131162420

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3131162420

revocation-check none

rsakeypair TP-self-signed-3131162420

!        

!       

license udi pid CISCO2911/K9 sn FGL175010ST

!        

!        

username admin privilege 15 secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY

!        

!        

!        

!        

!        

!        

interface Embedded-Service-Engine0/0

no ip address

!        

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 192.168.3.1 255.255.255.0

ip nat inside

ip nat enable

ip virtual-reassembly in

duplex auto

speed auto

!        

interface GigabitEthernet0/1

ip address dhcp

ip nat outside

ip nat enable

ip virtual-reassembly in

duplex auto

speed auto

!        

interface GigabitEthernet0/2

no ip address

ip nat inside

ip nat enable

ip virtual-reassembly in

duplex auto

speed auto

!        

interface GigabitEthernet0/2.1

encapsulation dot1Q 1 native

ip address 192.168.1.1 255.255.255.0

!        

router rip

version 2

network 192.168.1.0

network 192.168.2.0

network 192.168.3.0

!        

ip forward-protocol nd

!        

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!        

ip nat inside source list 1 interface GigabitEthernet0/1 overload

ip nat inside source list 2 pool overload

!        

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 2 permit 192.168.3.0 0.0.0.255

access-list 23 permit 10.10.10.0 0.0.0.7

!        

!        

!        

control-plane

!        

!        

Labels:
0 Helpful
1 Reply 1

keglass
Level 7
Level 7

‎04-18-2014 08:40 AM

Andrey,


This community does not provide technical support and is not staffed with technical support experts. I recommend you post this and future technical support questions to the Cisco Support Community (https://supportforums.cisco.com/index.jspa) where our Cisco technical support experts provide debugging assistance. Another option is to open a ticket with the Cisco Technical Assistance Center (www.cisco.com/go/support) to get expert debugging assistance.

We do encourage you to participate in the Cisco Collaboration Community and to also join our Cisco Collaboration User Group program!  In the community, we encourage your discussion/sharing around collaboration topics and Cisco Collaboration Solutions, including business and IT requirements, industry trends, process, culture/organization issues, how collaboration can be used to transform businesses, vendor selection, adoption, training, architecture, licensing, and product features/functionality. If you are a customer or partner, you can also join the user group program to be eligible for member-only events and influence product direction.

We hope to hear from you again,

Kelli Glass

Moderator for the Cisco Collaboration Community

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents