cisco 827h OT

Tue Oct 22 10:00:59 EST 2002

I think This will help allot, I did configure it with cisco router web
setup, and I have seen that nat on the inside interface is enabled in one of
the show interface outputs. Thanks heaps.

cheers
Leigh
----- Original Message -----
From: "Dale Shaw" <DShaw at exceed.com.au>
To: "Leigh Finch" <lfinch at asitis.net.au>
Cc: <linux at lists.samba.org>
Sent: Tuesday, October 22, 2002 9:46 AM
Subject: RE: cisco 827h OT

> Leigh,
>
> This gets a lot easier with a config, but I realise it's not available
> to you right now..
>
> You need to be in 'interface mode' to enter 'no ip nat inside', but
> that's only useful if there's already an 'ip nat inside' command on the
> interface. NAT is not enabled by default, but it depends how the router
> was originally configured (i.e. by hand, ConfigMaker, some other tool).
>
> If 'ip nat inside' appears somewhere under 'interface Ethernet0' when
> you view your config, you can type:
>
> router#conf t
> Enter configuration commands, one per line.  End with CNTL/Z.
> router(config)#int ethernet 0
> router(config-if)#no ip nat inside
> router(config-if)#^Z
> router#
>
> 'route add' (i.e. static routing) is done with 'ip route' commands in
> config mode ("conf t"). Eg:
>
> router#conf t
> Enter configuration commands, one per line.  End with CNTL/Z.
> router(config)#ip route 172.30.1.0 255.255.255.0 10.0.1.2
> router(config)#^Z
> router#
>
> You can view the routing table with "sh ip ro". You don't need to add
> static routes for directly connected networks. In other words, I'm sure
> if you look at the output from "sh ip ro" you will see a route for
> 203.46.?.?/28 with a "C" on the left-hand side (meaning "connected").
>
> Cheers,
> Dale
>
> -----Original Message-----
> From: Leigh Finch [mailto:lfinch at asitis.net.au]
> Sent: Tuesday, 22 October 2002 9:37 AM
> To: James McNeill
> Cc: linux at lists.samba.org
> Subject: Re: cisco 827h OT
>
>
> How do I disable NAT on the router? I tried: no ip nat inside
> but it gave me an error "invalid marker" and had an arrow under the i in
> ip, I
> was in enable mode. how can check that packets for the /28 are being
> sent to
> the right interface (soz, first router,) is there a way I can do
> something
> similar to "route add" on the box?
>
> cheers
> Leigh
>
>
> On Tue, 22 Oct 2002 09:21 am, you wrote:
> > IF you've got a subnet dedicated to the boxen behind the router, then
> you
> > will need to completely disable NAT (ip aliasing, masqurading etc.).
> NAT of
> > any sort will prevent external routing of the addresses. Also, check
> the
> > routing tables of the router. make sure the packets for the /28 mask
> > network are sent to the correct interface. Can the router see both
> > networks?
> >
> > -james
> >
> > | OT
> > | Hi all,
> > | I know this is way OT, but I have a cisco 827h router at work for
> which
> > | we have just allocated /28 network for the inside. now I have had
> telstra
> > | add
> >
> > us
> >
> > | into the tables. now I have set up an internal box with one of the
> IP's
> >
> > alon
> >
> > | with the ethernet interface on the router with one as well. I cannot
> >
> > access
> >
> > | any services of the internal network server, such as mail, or the
> web
> > | server... when I do a traceroute on the internal server, it stops at
> the
> > | outside interface on the router, saying it has completed, no time
> outs...
> > | when I ping a valid internal IP it says the address comming back is
> the
> >
> > one
> >
> > | of the external interface on the router, obviousely if I try to ping
> a
> > | non valid IP on our network I get the 100% packet loss.
> > |
> > | Would this have anything to do with NAT? or is there something else
> I
> > | need
> >
> > to
> >
> > | do, as I no longer need NAT, if they are non private IP's.
> > |
> > | cheers
> > | Leigh
>
>