Nating Issue

[netlife]

Hi All,

I am having the following setup,


Fa0/1 172.18.121.1 Eth 0 130.1.1.20
R1-------------------------R2----
| fa0/0 172.18.121.2
|
130.1.0.0/16


R1-cisco 2600 which is an internet router
R2-cisco 1751 which I am using for accessing perticular set of servers whose ips are 130.1.111.11 to 16 255.255.0.0

Sinario:I want to give access to the telnet to R2 from internet.For this,I am nating a global ip to the fast ethernet 172.18.121.2 of the router R2.Once I do the nating,I could not ping the global ip.But when I nat the same global ip to fast ethernet 172.18.121.1 of the R1 I can ping and telnet.I tried a static route,
ip route 172.18.121.2 255.255.255.255 172.18.121.1 still I am not able to reach the fast ethernet of R2.
Is there any way I can reach fa0/0 of R2?

Pls help.

netlife.

 

[rudeboy]

Please post the configs of both routers. It sounds as if R2 doesn't have the correct default gateway set(gateway of last resort).

 

[netlife]

The router configurations are,

R2#
Building configuration...

Current configuration : 1259 bytes
!
! Last configuration change at 14:53:27 UTC Sat Mar 2 2002
! NVRAM config last updated at 14:47:53 UTC Sat Mar 2 2002
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname concerto_vpn
!
boot-start-marker
boot-end-marker
!
!
username pankaj password 0 cisco sh ip route
memory-size iomem 20
no aaa new-model
ip subnet-zero
!
!

no ip domain lookup
ip cef
ip audit notify log
ip audit po max-events 100
ip ssh break-string
no ftp-server write-enable
no scripting tcl init
no scripting tcl encdir
!
!
!
!
no crypto isakmp enable
!
!
!
!
interface FastEthernet0/0
ip address 172.18.121.2 255.255.255.252
speed auto
full-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface Ethernet1/0
ip address 130.1.1.20 255.255.0.0
full-duplex
!
ip default-gateway 172.18.121.1
ip classless
ip default-network 130.1.0.0
ip route 130.1.0.0 255.255.0.0 172.18.121.1
ip route 172.18.0.0 255.255.0.0 172.18.121.0
no ip http server
no ip http secure-server
!
!
!
!
!
control-plane
!
!
line con 0
password xxxxx
login
line aux 0
line vty 0 4
timeout login response 60
password xxxxx
login
line vty 5 15
timeout login response 60
password xxxxx
login
!
!
end

Configuration of R1:

KB_2651_512KB#sh runn
Building configuration...

Current configuration : 8084 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname KB_2651_512KB
!
boot-start-marker
boot-end-marker
!
enable password 7 0100121757
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ip domain lookup
no ftp-server write-enable
isdn switch-type basic-net3
!
!
!
!
interface FastEthernet0/0
description connected to EthernetLAN
ip address 130.1.169.50 255.255.0.0
ip access-group 101 in
no ip redirects
ip nat inside
duplex auto
speed auto
!
interface Serial0/0KB_2651_512KB#ping 13
% Unrecognized host or address, or protocol not running.

KB_2651_512KB#sh runn
Building configuration...

Current configuration : 8340 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname KB_2651_512KB
!
boot-start-marker
boot-end-marker
!
enable password 7 0100121757
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ip domain lookup
no ftp-server write-enable
isdn switch-type basic-net3
!
!
!
!
interface FastEthernet0/0
description connected to EthernetLAN
ip address 130.1.169.50 255.255.0.0
ip access-group 101 in
no ip redirects
ip nat inside
duplex auto
speed auto
!
interface Serial0/0
description connected to Internet
ip address 203.xx.xx.xx 255.255.255.252
ip access-group 102 out
no ip redirects
ip nat outside
encapsulation ppp
backup delay 120 120
backup interface Dialer1
!
interface BRI0/0
description connected to Internet
no ip address
ip nat outside
encapsulation ppp
shutdown
dialer rotary-group 1
dialer-group 1
isdn switch-type basic-net3
no cdp enable
!
interface FastEthernet0/1
ip address 172.18.121.1 255.255.255.240
ip nat inside
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
!
interface Dialer1
description connected to Internet
ip address negotiated
ip nat outside
encapsulation ppp
no ip split-horizon
dialer in-band
dialer string 28315099
dialer hold-queue 10
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname spancotele
ppp chap password 7 08285F4A074B554741
ppp pap sent-username spancotele password 7 07063248405B495544
ppp multilink
!
ip nat inside source route-map Dialer interface Dialer1 overload
ip nat inside source route-map Serial interface Serial0/0 overload
ip nat inside source static 130.1.1.32 203.199.xx.xx
ip nat inside source static tcp 130.1.12.45 5632 203.199.xx.xx 5632 extendable
ip nat inside source static tcp 130.1.12.46 5633 203.199.xx.xx 5633 extendable
ip nat inside source static tcp 130.1.12.47 5634 203.199.xx.xx 5634 extendable
ip nat inside source static tcp 130.1.12.48 5635 203.199.xx.xx 5635 extendable
ip nat inside source static tcp 130.1.12.49 5636 203.199.xx.xx 5636 extendable
ip nat inside source static tcp 130.1.12.50 5637 203.199.xx.xx 5637 extendable
ip nat inside source static tcp 130.1.12.72 5638 203.199.xx.xx 5638 extendable
ip nat inside source static tcp 130.1.12.73 5639 203.199.xx.xx 5639 extendable
ip nat inside source static tcp 130.1.12.74 5640 203.199.xx.xx 5640 extendable
ip nat inside source static tcp 130.1.12.75 5641 203.199.xx.xx 5641 extendable
ip nat inside source static 130.1.101.250 203.199.121.166
ip nat inside source static 172.18.121.2 203.199.121.161
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Serial0/0 172.177.65.2
ip route 172.18.121.2 255.255.255.255 FastEthernet0/1
ip route 203.199.121.161 255.255.255.255 172.18.121.2
no ip http server
!

route-map Serial permit 10
match ip address 1
match interface Serial0/0
!
route-map Dialer permit 10
match ip address 1
match interface Dialer1
!
snmp-server community public RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps config
snmp-server host 130.1.1.2 public
!
line con 0
exec-timeout 0 0
password 7 105D1D0A09
login
line aux 0
line vty 0 4
password 7 0518121C2D
login
!
!
!
end

R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

172.18.0.0/16 is variably subnetted, 2 subnets, 2 masks
S 172.18.0.0/16 [1/0] via 172.18.121.0
C 172.18.121.0/30 is directly connected, FastEthernet0/0
C* 130.1.0.0/16 is directly connected, Ethernet1/0