Why won't NAT work? 1

[beatdown]

I have Verizon FIOS at home, and I'm trying to setup a Cisco 1721 in place of the Verizon router. The FIOS connection is Ethernet via Cat5 (it's not Coax).

I have a Wic-1ENET card in the router, which serves as the WAN interface that FIOS plugs into. IP addressing is done via DHCP. Note; I did have to clone the MAC Address of the Verizon router, before it would assign me an IP.

My computer is connected via cross-over cable to the FastEthernet interface of the router.

From the PC, I can ping both interfaces on the router...but nothing past that.

From the router, I can ping anything on the internet.

So it appears that NAT is not working, but I can't figure out why. Here's my config:



1721#sh run
Building configuration...

Current configuration : 956 bytes
!
! No configuration change since last restart
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 1721
!
boot-start-marker
boot-end-marker
!
enable secret 5 *****************
enable password 7 ***************
!
memory-size iomem 20
no aaa new-model
ip subnet-zero
no ip routing
!
!
!
no ip cef
!
!
!
!
!
interface Ethernet0
ip address dhcp
ip nat outside
no ip route-cache
half-duplex
!
interface FastEthernet0
ip address 192.168.50.1 255.255.255.0
ip nat inside
no ip route-cache
speed auto
full-duplex
!
interface Serial0
no ip address
no ip route-cache
shutdown
!
ip nat inside source list NAT interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 dhcp
no ip http server
!
!
ip access-list standard NAT
permit 192.168.50.0 0.0.0.255
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password 7 ****************
login
!
end

1721#

 

[jeter]

I would try this first.

ip route 0.0.0.0 0.0.0.0 ethernet 0

Test via desktop are source from 192.168.50.1

Show ip nat translation







Spc NVARNG
Tek-TIP Member 19,650

 

[beatdown]

I tried ip route 0.0.0.0 0.0.0.0 ethernet 0 but it still won't work.

When I view NAT translations, nothing is shown.

I turned on Debug IP NAT Detail, and tried to open a web page to create some traffic...but nothing comes out in the debug info.

I checked ARP cache on router and PC, to ensure the source IP's are 192.168.50.1(router) and 192.168.50.2 (PC).

I also tried getting rid of the crossover cable, and using a switch, but same results.

I brought the router to work and set it up in a lab environment that mirrors what I'm doing at home (DHCP comes from a windows server, instead of Verizon) and I get the same results...so it would appear that the issue doesn't have anything to do with Verizon, it is a problem with the router.

Any other ideas what might be up?

 

[drichter12]

You have IP routing turned off.... (no ip routing).


Dale

 

[burtsbees]

That would cause a few problems, eh?

Burt

 

[beatdown]

Boy I feel smart right about now!

I bought this router on ebay for a lab setup, and it went into the initial configuration setup the first time I connected via console port...so I assumed this was part of the default config, and that it meant routing protocols (OSPF, RIP, etc..) were not enabled on the router.

Why would this feature be turned on, or even available...seems like it kind of defeats the purpose of using a router?

Thanks for teaching me something...bet I won't make that mistake again.

 

[drichter12]

Well, keep in mind that Cisco was making these things well before IP became so common...

Glad to have helped, sometimes it just takes a new set of eyes to catch a problem when you have been staring at it for so long


Dale

 

[burtsbees]

That command is used in layer 3 switches...just part of IOS.

Burt