Anyone have any ideas??
HELP!! I have a 7204 router with IOS 12.0(7).
I have a FastEthernet interface sub-interfaced into two (Fa0/0.1 and
Fa0/0.2). They are set for isl 1 and isl 2 respectively. Fa0/0.1 is
outside nat and Fa0/0.2 is inside nat. I am connected to a 3524 switch
setup for VTP using ISL and divided into half for VLAN 1 and VLAN 2.
VLAN1 is global (outside) and VLAN 2 is inside
I have an access list setup to allow 192.168.250.0 from the inside and
have setup a single global address for PAT translation.
1. This setup works fine when reaching the net on Fa0/0.1 (the
outside). However I cannot reach the Internet which is out the routers
serial ports. From VLAN 1 which is the outside, I can reach the
internet with no problem.
2. I can ping all devices on VLAN 1 (outside) but not past there from
the inside (VLAN2) except when I turn Proxy-Arp OFF.
Once problems 1 & 2 are resolved, I'll need to solve the initial
problem...
3. I tried to setup static maps to 6 terminal servers on the inside so I
can manage them. The terminal servers are attached to phone lines and
will recieve dial-up traffic. I cannot reach the devices I statically
mapped (they show up correctly in the show ip nat trans command. I used
the ip nat inside etc. command to map). When I checked ARP after trying
to ping to these devices from the outside, the switch shows that
"Encapuslation failed" and the show arp shows an "Incomplete" where the
MAC address should be. I left this configuration overnight and the next
morning, the MAC Address was in the table (actually the mac address of
the routers ethernet interface as one would expect with NAT or
proxy-arp) and I was able to reach the devices I statically mapped.
However, when I added another, I ran into the same problem. Is this an
issue where the router needs to be power cycled to allow for static
maps??????? I did find a tech article on Cisco's site, CSCdp22947,
stating that there is an issue where the router will not send the MAC
address for statically mapped devices using nat. However, it was with
ios 12.0(7.1) and 12.0(7.2) and I have 12.0(7). Who knows??
Any help is greatly appreciated. I have wrestled this for several
days. I have viewed millions of sample configs and they are all very
simple and straight forward. I am beginning to think an IOS upgrade is
in order here. However, the rest of the router config is complicated
and with 4 T1s and 35 sites through frame relay with STUN encapsulation
and IP all for Internet and AS400 access. SOOOO, I would rather not
upgrade and risk NEW bugs causing problems with the mission critical
stuff. But if I gotta.....
--
AT Bauer
CPU Specialist
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
