Please Help : Very Urgent : Configuring NAT on a CISCO Router

Discussion in 'Cisco' started by Mohamed, Dec 26, 2006.

  1. Mohamed

    Mohamed Guest

    Recently we took an Internet Leased line in our company. We were
    provided with the HTU Modem, and we already had a router 805 series.
    All the physical connection was done.

    Then we got the following list of IP addresses

    Router Gateway :
    Serial address :

    Network Address:
    List of Hosts

    DNS Server

    And I was asked to configure my router as follows

    conf t
    interface Ethernet0
    ip address
    no cdp enable
    no bridge-group 1
    interface serial0
    ip address
    no shutdown
    ip route

    My Internal;network ID is 192.168.2.x

    Now I would like to share teh internet connection within my network,
    how do i do that

    Please help me very urgent
    Mohamed, Dec 26, 2006
    1. Advertisements

  2. Mohamed

    Bod43 Guest

    You need to go back to your ISP and get the correct address
    and mask information.

    The details that you have given do not make sense.
    Bod43, Dec 26, 2006
    1. Advertisements

  3. Mohamed

    Mohamed Guest

    what kind of information i need to get from the ISP

    after that what i need to do

    kindly advice
    Mohamed, Dec 26, 2006
  4. Mohamed

    Bod43 Guest


    Here is what it probably should look like, but I am guessing.

    Router Gateway : x.y.62.180
    Serial address : x.y.62.179 ! < -- changed

    Network Address: x.y.62.152 ! < -- changed
    List of Hosts
    x.y.62.153 ! < -- host range changed

    DNS Server

    If you are not using a seperate firewall inside the
    router do this:-

    conf t
    interface Ethernet0
    ip address
    no bridge-group 1
    ip nat inside
    no shutdown
    interface serial0
    ip address x.y.62.179
    ip nat outside
    no shutdown
    ip route x.y.62.180

    ip nat inside source list ACL.nat interface Serial0 overload

    ip access-l extended ACL.nat
    permit any

    You will see that your host range has not been used.
    This is OK and leaves you plenty of addresses to sue for
    servers later.

    This does NOT give you a proper firewall but the reality seems to
    be that a lot of poeple rely on Dynamic NAT for their
    security. I am not recommending that as a course of action.

    If you have a firewll feature set (post sh ver, sh run)
    you can configure that without affecting the
    existing config.
    Bod43, Dec 26, 2006
  5. Mohamed

    Drake Guest


    You should never list your routable ip addresses in a public forum!
    There are people out there who will use these to your detrement.
    I advise you to button down the hatches. Get a good firewall/secutity

    Be Paranoid. We already know you are in Muscat, Oman :)

    Check further down for some advice.

    Your ISP is assuming you want to use the ip numbers they
    gave you for your internal hosts. BAD IDEA. use:
    ip address for E0 and setup a NAT Pool
    using the ip's given by your isp.
    According to what you wrote above, this should be
    Drake, Dec 26, 2006
  6. Mohamed

    Fer Mtz Guest

    i am agree with last message.

    You need to use a mask for your serial interface.
    Use private address for your LAN, and with public addressess do your
    NAT in that way.
    This can give you a little security but maybe you need a firewall and
    some other stuffs.

    Lets us know if we can help you more...

    best regards.
    Fer Mtz, Dec 27, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.