outbound NAT on a 3640

I am trying to setup outbound nat on a 3640 with 2 interfaces. I have followed Cisco's reccomended config as closely as possible for my situation...

formatting link

I have also used the CCNA handbook to assist in my config. Alas still no success. Below is my latest attempt at a config as vanilla as i can get it just to get outboug www traffic going. I can ping the external upstream DNS server but http requests timeout.

Any help would be greatly apprecaited!

Reply to
kevin.noall
Loading thread data ...

remove the acl 112 on e0/0 and try it again conf t int e0/0 no ip access-group 112 in

Not sure why you are using an acl on your inside interface as you are permiting everything. Doesn't gain you anything by having it there, loose it

int e0/1 no ip access-group 101 in

Reply to
Brian V

I did this and still nothing. I get a DHCP address on my outside interface, but I cannot get to anything. I cannot ping dns servers or anything.

Brian V wrote:

Reply to
kevin.noall

From the router can you ping? Try pinging 4.2.2.2

Reply to
Brian V

No. I tried pinging the external from my ISP as well with bad results.

Brian V wrote:

Reply to
kevin.noall

Unplug your cable modem for 2 minutes. Then plug it back in. Most cable modems/systems only allow a single IP to go thru it. It will pass out as many IP's as needed, simply won't get thru. Your original IP/MAC is being cached by the modem.

>
Reply to
Brian V

I will try this, but I am actually presenting the same MAC as my linksys was and getting the same IP from DHCP

Brian V wrote:

formatting link
>> >> >

Reply to
kevin.noall

This is for all out there who may need the help on this same situation. I found out what the issue was. A friend of mine is an CCIE and I got him to come around and help with this. He found that he had seen this before when using DHCP on the outside interface. If you put in a static route for the interface ( ip route 0.0.0.0 0.0.0.0 Ethernet0/0) in this configuration it may not work. We took out the static route and let the route be configured by the DHCP on the interface, and it imidiately started working as expected. there was nothing wrong with the access-lists or anything like that. It was strictly that the route was not working properly.

And there you have it.

Brian V wrote:

formatting link
>> >> >

Reply to
kevin.noall

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.