Please Help : Very Urgent : Configuring NAT on a CISCO Router

Hi Recently we took an Internet Leased line in our company. We were provided with the HTU Modem, and we already had a router 805 series. All the physical connection was done.

Then we got the following list of IP addresses

Router Gateway : Serial address :

Network Address: List of Hosts

DNS Server

And I was asked to configure my router as follows

conf t ! interface Ethernet0 ip address no cdp enable no bridge-group 1 ! interface serial0 ip address no shutdown ! ip route

My Internal;network ID is 192.168.2.x

Now I would like to share teh internet connection within my network, how do i do that

Please help me very urgent

Reply to
Loading thread data ...

You need to go back to your ISP and get the correct address and mask information.

The details that you have given do not make sense.

Reply to

what kind of information i need to get from the ISP

after that what i need to do

k> Mohamed wrote:

Reply to


Here is what it probably should look like, but I am guessing.

Router Gateway : x.y.62.180 Serial address : x.y.62.179 ! < -- changed

Network Address: x.y.62.152 ! < -- changed List of Hosts x.y.62.153 ! < -- host range changed x.y.62.154 x.y.62.155 x.y.62.156 x.y.62.167 x.y.62.168

DNS Server

If you are not using a seperate firewall inside the router do this:-

conf t ! interface Ethernet0 ip address no bridge-group 1 ip nat inside no shutdown ! interface serial0 ip address x.y.62.179 ip nat outside no shutdown ! ip route x.y.62.180

ip nat inside source list ACL.nat interface Serial0 overload

ip access-l extended ACL.nat permit any

You will see that your host range has not been used. This is OK and leaves you plenty of addresses to sue for servers later.

This does NOT give you a proper firewall but the reality seems to be that a lot of poeple rely on Dynamic NAT for their security. I am not recommending that as a course of action.

If you have a firewll feature set (post sh ver, sh run) you can configure that without affecting the existing config.

Reply to


You should never list your routable ip addresses in a public forum! There are people out there who will use these to your detrement. I advise you to button down the hatches. Get a good firewall/secutity appliance.

Be Paranoid. We already know you are in Muscat, Oman :-)

Check further down for some advice.

Your ISP is assuming you want to use the ip numbers they gave you for your internal hosts. BAD IDEA. use: ip address for E0 and setup a NAT Pool using the ip's given by your isp.

According to what you wrote above, this should be

Reply to

i am agree with last message.

You need to use a mask for your serial interface. Use private address for your LAN, and with public addressess do your NAT in that way. This can give you a little security but maybe you need a firewall and some other stuffs.

Lets us know if we can help you more...

best regards. wrote:

Reply to
Fer Mtz Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.