04-17-2014 04:48 PM
Hello,
Could you please help me. I just received 2911 router and I have problems with configuring NAT on it. I want to connect port GE0/1 to office LAN with internet and I set up the interface "ip dhcp" so it could catch IP address from another router with internet access. GE0/2 goes to LAN without internet. I want to connect LAN from GE0/2 to LAN GE0/1 with internet, but NAT doesnt work. Could you please tell me what is the problem?
Below copied show run
Thank you
Current configuration : 6026 bytes
!
! Last configuration change at 23:23:33 UTC Thu Apr 17 2014 by admin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname OMRouter
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
ip cef
!
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.3.1 192.168.3.10
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool DHCP_POOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 192.168.2.1
domain-name OmniaLocal1
!
ip dhcp pool DHCP_Pool_GE0/0
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1
dns-server 192.168.3.1
!
!
default-router 192.168.1.1
dns-server 192.168.2.1
domain-name OmniaLocal1
!
ip dhcp pool DHCP_Pool_GE0/0
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1
dns-server 192.168.3.1
!
!
!
no ip domain lookup
ip domain name yourdomain.com
no ipv6 cef
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-3131162420
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3131162420
revocation-check none
rsakeypair TP-self-signed-3131162420
!
!
license udi pid CISCO2911/K9 sn FGL175010ST
!
!
username admin privilege 15 secret 4 tnhtc92DXBhelxjYk8LWJrPV36S2i4ntXrpb4RFmfqY
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address dhcp
ip nat outside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
!
router rip
version 2
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip nat inside source list 2 pool overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 permit 192.168.3.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.7
!
!
!
control-plane
!
!
04-18-2014 08:40 AM
Andrey,
This community does not provide technical support and is not staffed with technical support experts. I recommend you post this and future technical support questions to the Cisco Support Community (https://supportforums.cisco.com/index.jspa) where our Cisco technical support experts provide debugging assistance. Another option is to open a ticket with the Cisco Technical Assistance Center (www.cisco.com/go/support) to get expert debugging assistance.
We do encourage you to participate in the Cisco Collaboration Community and to also join our Cisco Collaboration User Group program! In the community, we encourage your discussion/sharing around collaboration topics and Cisco Collaboration Solutions, including business and IT requirements, industry trends, process, culture/organization issues, how collaboration can be used to transform businesses, vendor selection, adoption, training, architecture, licensing, and product features/functionality. If you are a customer or partner, you can also join the user group program to be eligible for member-only events and influence product direction.
We hope to hear from you again,
Kelli Glass
Moderator for the Cisco Collaboration Community
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: