Correction I meant the ICMP request instead of DNS query. Sorry ""JZ"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > The interesting thing is that I see the packet on the outside wire trying to > reach it's destination. I used sniffer to test this. So basically > when I have this route in place I go to a workstation on the inside network > and ping a public address. I get the ICMP query being performed but > interestingly the source address > is not NATed and appears to be coming from 192.168.1.0 network. Once I > remove the the line "ip route 0.0.0.0 0.0.0.0 Ethernet0" then the dns query > gets NATed and now with the proper source address the replies are recieved. > It seems that putting this line in some how let's the inside network bypass > the NAT process. > ""Paul Lalonde"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > John, > > > > Two things I can think of: > > > > 1. The cable provider is probably providing you with a default gateway > > *anyways* in your DHCP request. Likely, you don't need that static route > > after all. > > > > 2. As far as I can tell, your route wouldn't work in any event. Routing > out > > via a physical interface works fine in serial point-to-point situations > when > > the other next-hop router is going to receive the packet anyway... but > > routing out via an Ethernet interface will likely just *drop* the packet > > onto that broadcast domain (subnet) without pointing it to a specific next > > hop. Keep in mind that Ethernet is a broadcast-based multi-access medium. > By > > routing to the physical Ethernet interface, you're basically dropping the > > packet on the wire, not shoving it directly to the next-hop router. > > > > Hope this helps! > > Paul > > > > > > > > ""John Zaggat"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Hi guys/gals, > > > > > > I am using a 1605R with 2 ethernet interfaces as > > > gateway to my cable service provider. My dilemma is > > > that when I put a default route to outside NAT stops > > > working. I verified this by using a sniffer. Without > > > default route everything seems to work fine but it's > > > just bugging the hell out of me that why is it so. Can > > > some one enlighten me ? > > > Here is my config: > > > > > > Router#sh run > > > Building configuration... > > > > > > Current configuration : 939 bytes > > > ! > > > version 12.2 > > > service timestamps debug uptime > > > service timestamps log uptime > > > no service password-encryption > > > service udp-small-servers > > > service tcp-small-servers > > > ! > > > hostname Router > > > ! > > > ! > > > ip subnet-zero > > > ip name-server 66.75.160.42 > > > ip name-server 66.75.160.41 > > > ip dhcp excluded-address 192.168.1.1 192.168.1.10 > > > ! > > > ip dhcp pool INSIDE > > > network 192.168.1.0 255.255.255.0 > > > default-router 192.168.1.1 > > > dns-server 66.75.160.42 > > > ! > > > ip ssh time-out 120 > > > ip ssh authentication-retries 3 > > > ! > > > ! > > > ! > > > ! > > > interface Ethernet0 > > > ip address dhcp > > > ip nat outside > > > no cdp enable > > > ! > > > interface Ethernet1 > > > ip address 192.168.1.1 255.255.255.0 > > > ip nat inside > > > no cdp enable > > > ! > > > ip nat inside source list 1 interface Ethernet0 > > > overload > > > ip classless > > > ip route 0.0.0.0 0.0.0.0 Ethernet0 no ip http server > > > no ip pim bidir-enable > > > ! > > > access-list 1 permit 192.168.1.0 0.0.0.255 > > > no cdp advertise-v2 > > > no cdp run > > > ! > > > line con 0 > > > line vty 0 3 > > > login > > > line vty 4 > > > password cisco > > > login > > > ! > > > end > > > > > > ===== > > > JZ > > > [EMAIL PROTECTED] > > > > > > > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Yahoo! Health - your guide to health and wellness > > > http://health.yahoo.com
Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42773&t=42762 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
