I have configured two clients on a Cisco 1841 router and Cisco Catalyst 2960 Switch using InterVLAN and static NAT. The problem is that from Client 2 Server I cannot access the internet whereas I can from Client 1 Server. Client 1 Server is acting as a DNS server for the entire network. But if I remove the Client 2 Server static NAT both Servers can go through to the internet.
My configurations are as follows:
2960 Switch:no file verify auto spanning-tree mode pvst spanning-tree extend system- id ! vlan internal allocation policy ascending ! interface FastEthernet0/7 switchport access vlan
10 spanning-tree portfast ! interface FastEthernet0/13 switchport access vlan 20 ! interface FastEthernet0/24 switchport mode trunk ! interface Vlan1 ip address 192.168.1.3 255.255.255.0 no ip route- cache ! ip default-gateway 192.168.1.1Cisco 1841 Router: ! interface Null0 no ip unreachables ! interface FastEthernet0/0 description $FW_INSIDE $ no ip address no ip redirects no ip unreachables no ip proxy- arp ip nbar protocol- discovery ip nat inside ip virtual- reassembly ip route-cache flow duplex auto speed auto no mop enabled ! interface FastEthernet0/0.10 description $ Client 1 $ encapsulation dot1Q
10 ip address 192.168.10.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0.20 description $ Client 2 $ encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0.100 description Management NATIVE VLAN encapsulation dot1Q 1 native ip address 192.168.1.1 255.255.255.0 ip nat inside ! interface FastEthernet0/1 description $ User Access Network $ ip address 192.168.2.1 255.255.255.0 ip nat inside ! interface Serial0/0/0 description Link to the Internet bandwidth 512 ip address 196.X.X.98 255.255.255.252 ip nat outside ! ip route 0.0.0.0 0.0.0.0 196.X.X. 97 ! ip nat inside source list 10 interface Serial0/0/0 overload ip nat inside source static 192.168.10.2 196.1X.X.35 (Client 1 Mail Server, using 192.168.10.1 as gateway) ip nat inside source static 192.168.20.2 196.2X.X.18 (Client 2 Mail Server, using 192.168.20.1 as gateway) ! access-list 10 permit 192.168.1.0 0.0.0.255 access-list 10 permit 192.168.2.0 0.0.0.255 access-list 10 permit 192.168.10.0 0.0.0.255 access-list 10 permit 192.168.20.0 0.0.0.255 !