IllegalOperation
Technical User
Hello again everyone. I have two routers. Router "A" is the DIA router, which provides the NAT and the link to the internet. Router "B" is more of a layer 3 media converter device. Router B is directly connected to router A, and can pass through out to the internet. However, the private subnet (192.168.1.0) that is running off the LAN side of router B can not get past the serial interface of router A.
I can almost guarantee it is a NAT problem with router A (which is a 1721), but I can not pinpoint my exact mistake. I have played around a little bit with the config, and this is the best I can come up with....
Current configuration : 1424 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log datetime
service password-encryption
service linenumber
!
hostname *******
!
logging buffered 8000 debugging
no logging console
enable secret 5 $1$gVQC$a0BbdKR9Pm0Y8WUc52yrp0
enable password 7 091D1E0A1F0714455E
!
ip subnet-zero
no ip source-route
ip name-server *.*.*.*
ip name-server *.*.*.*
!
no ip bootp server
!
!
!
!
interface FastEthernet0
ip address w.w.w.w 255.255.255.240
ip nat inside
speed auto
no cdp enable
!
interface Serial0
no ip address
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay lmi-type ansi
!
interface Serial0.536 point-to-point
bandwidth 1544
ip address x.x.x.x 255.255.255.252
no ip proxy-arp
ip nat outside
frame-relay interface-dlci 536 IETF
!
ip nat inside source list 1 pool natpool1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 y.y.y.y
ip route 192.168.1.0 255.255.255.0 z.z.z.z
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
line con 0
line aux 0
transport input all
line vty 0 4
password 7 0831435E1F10161E1D055D
login
!
no scheduler allocate
end
Notes:
w.w.w.w: Registered IP address of the ethernet interface
x.x.x.x: Registered IP address of the serial interface
y.y.y.y: Registered IP address of the WAN provider's first interface
z.z.z.z: Registered IP address of Router B
Like I said before, when I am on the 192.168.1.0 subnet, I can get all the way to the serial interface of the 1721, but not past it. If I try to ping past that interface, I get "Destination Host Unreachable". Like I said, I can get out to the internet with router B's registered IP address. Anyone have any suggestions with this NAT issue? Your help would be greatly appreciated...
Dave
I can almost guarantee it is a NAT problem with router A (which is a 1721), but I can not pinpoint my exact mistake. I have played around a little bit with the config, and this is the best I can come up with....
Current configuration : 1424 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log datetime
service password-encryption
service linenumber
!
hostname *******
!
logging buffered 8000 debugging
no logging console
enable secret 5 $1$gVQC$a0BbdKR9Pm0Y8WUc52yrp0
enable password 7 091D1E0A1F0714455E
!
ip subnet-zero
no ip source-route
ip name-server *.*.*.*
ip name-server *.*.*.*
!
no ip bootp server
!
!
!
!
interface FastEthernet0
ip address w.w.w.w 255.255.255.240
ip nat inside
speed auto
no cdp enable
!
interface Serial0
no ip address
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay lmi-type ansi
!
interface Serial0.536 point-to-point
bandwidth 1544
ip address x.x.x.x 255.255.255.252
no ip proxy-arp
ip nat outside
frame-relay interface-dlci 536 IETF
!
ip nat inside source list 1 pool natpool1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 y.y.y.y
ip route 192.168.1.0 255.255.255.0 z.z.z.z
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
line con 0
line aux 0
transport input all
line vty 0 4
password 7 0831435E1F10161E1D055D
login
!
no scheduler allocate
end
Notes:
w.w.w.w: Registered IP address of the ethernet interface
x.x.x.x: Registered IP address of the serial interface
y.y.y.y: Registered IP address of the WAN provider's first interface
z.z.z.z: Registered IP address of Router B
Like I said before, when I am on the 192.168.1.0 subnet, I can get all the way to the serial interface of the 1721, but not past it. If I try to ping past that interface, I get "Destination Host Unreachable". Like I said, I can get out to the internet with router B's registered IP address. Anyone have any suggestions with this NAT issue? Your help would be greatly appreciated...
Dave
