I have Cisco 1812 router which I would like to setup as our office internet gateway. Although I followed guides on Cisco web site, I cannot get NAT to work.
My problem is that NAT is not happening, and I cannot get why.
When I connect to router, I get IP address from DHCP, and I can ping both local interface IP (192.168.210.254) and public IP (212.94.196.71 slightly changed), but I cannot get pass to internet. I cannot ping default gateway from machine connected to local interface, but I can ping it from the router itself, as well as any site on the internet.
Lastly, show ip nat translations is showing empty list.
What am I doing wrong?
Here is my configuration
Current configuration : 2022 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$FXW9$XXXXXXXXXXXXXXXXXXX.
!
no aaa new-model
!
resource policy
!
no ip routing
!
!
no ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.210.240 192.168.210.254
ip dhcp excluded-address 192.168.210.1 192.168.210.4
!
ip dhcp pool lan1
network 192.168.210.0 255.255.255.0
dns-server 192.168.210.100
default-router 192.168.210.254
domain-name mydomain.com
!
ip name-server 210.127.96.3
ip name-server 210.127.96.4
!
interface FastEthernet0
ip address 192.168.210.254 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip route-cache
speed auto
full-duplex
!
interface FastEthernet1
ip address 212.94.196.71 255.255.255.240
ip nat outside
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
!
interface BRI0
no ip address
encapsulation hdlc
no ip route-cache
shutdown
!
interface FastEthernet2
shutdown
!
interface FastEthernet3
shutdown
!
interface FastEthernet4
shutdown
!
interface FastEthernet5
shutdown
!
interface FastEthernet6
shutdown
!
interface FastEthernet7
shutdown
!
interface FastEthernet8
shutdown
!
interface FastEthernet9
shutdown
!
interface Vlan1
ip address 192.168.1.254 255.255.255.0
no ip route-cache
!
interface Vlan10
ip address 10.28.10.254 255.255.255.0
no ip route-cache
!
interface Vlan11
ip address 10.1.11.254 255.255.255.0
no ip route-cache
!
interface Vlan55
ip address 10.28.55.254 255.255.255.0
no ip route-cache
!
ip default-gateway 212.94.196.65
!
!
no ip http server
no ip http secure-server
ip nat pool ovrld 212.94.196.71 212.94.196.71 prefix-length 28
!
access-list 7 permit 192.168.210.0 0.0.0.31
snmp-server community public RO
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
!
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
You forgot enable translation of inside source addresses.
ip nat inside source { list <acl> pool <name> [overload] |
static <local-ip><global-ip> }
I see you already have an access-list so (according to your private addressing) in global config add:
ip nat inside source list 7 pool ovrld
Additional Edit:
With IP routing enabled ip routing it works