[nsp] AS5300 8PRI 48DMM, NAT config for modem pool problem

From: Dave VanAuken (dave@hawk-systems.com)
Date: Sat May 05 2001 - 06:15:31 EDT


Been slaving over this one for the better part of a day and have about had
my fill of Cisco IOS.

Currently have a single inbound T1
routable IP block 192.168.1.0/26 (for purposes of layout)
router(gateway): 192.168.1.1
ns1: 192.168.1.6
ns2: 192.168.1.7

Access server (FastEthernet port) ip: 192.168.1.4

Want the entire modem pool to share 192.168.1.30 as the public IP address
and use a 172.22.90.0 class C for internal addresses, with NAT handling
the translation.

Have tried a number of permutations... can get the 172. IP address
assigned to the dial-in client, and they can ping the access server IP
192.168.1.4, but nowhere else... not sure what I am overlooking.

On top of that, I need to be able to assign routable IPs for
customers who want them (secondary concern right now).

Appreciate a review and hack and slash of the config.

Dave

config file follows >>>>>>>>>>>>>>>>>
!
version 12.1
no service single-slot-reload-enable
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname NAS02
!
logging rate-limit console 10 except errors
aaa new-model
aaa authentication login default local
aaa authentication ppp default if-needed local
enable secret 5 *****
!
username ***** password 7 *********
spe 1/0 1/3
 firmware location system:/ucode/mica_port_firmware
!
!
resource-pool disable
!
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
no ip source-route
no ip finger
ip domain-name mydomain.net
ip host ns2 192.168.1.7
ip host ns1 192.168.1.6
ip name-server 192.168.1.6
ip name-server 192.168.1.7
!
virtual-profile virtual-template 1
multilink virtual-template 1
isdn switch-type primary-dms100
partition flash 2 8 8
!
!
!
controller T1 0
 framing esf
 clock source line primary
 linecode b8zs
 pri-group timeslots 1-24 nfas_d primary nfas_int 1 nfas_group 0
 description Bell T1 555-555-5555
!
controller T1 1
 shutdown
 clock source line secondary 1
!
controller T1 2
 shutdown
 clock source line secondary 2
!
controller T1 3
 shutdown
 clock source line secondary 3
!
controller T1 4
 shutdown
 clock source line secondary 4
!
controller T1 5
 shutdown
 clock source line secondary 5
!
controller T1 6
 shutdown
 clock source line secondary 6
!
controller T1 7
 shutdown
 clock source line secondary 7
!
!
interface Loopback0
 ip address 172.22.90.1 255.255.255.0
 ip nat inside
!
interface Ethernet0
 no ip address
 shutdown
!
interface Virtual-Template1
 ip unnumbered Loopback0
 ip tcp header-compression passive
 no keepalive
 peer default ip address pool default
 ppp authentication chap pap
 ppp multilink
 multilink max-links 2
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial1
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial2
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial3
 no ip address
 shutdown
 no fair-queue
 clockrate 2015232
!
interface Serial0:23
 ip unnumbered Loopback0
 encapsulation ppp
 ip mroute-cache
 no keepalive
 dialer-group 1
 isdn switch-type primary-dms100
 isdn incoming-voice modem
 no peer default ip address
 no fair-queue
 ppp max-bad-auth 3
 ppp authentication chap pap
 ppp multilink
!
interface FastEthernet0
 ip address 192.168.1.4 255.255.255.192
 ip nat outside
 no ip mroute-cache
 duplex auto
 speed auto
!
interface Group-Async0
 ip unnumbered Loopback0
 ip nat inside
 encapsulation ppp
 async mode interactive
 peer default ip address pool default
 no fair-queue
 ppp max-bad-auth 3
 ppp authentication chap pap
 ppp multilink
 group-range 1 48
!
ip local pool default 172.22.90.2 172.22.90.254
ip default-gateway 192.168.1.1
ip nat pool global_pool 192.168.1.30 192.168.1.30 netmask 255.255.255.192
ip nat inside source list 101 pool global_pool overload
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
!
access-list 101 permit ip 172.22.90.0 0.0.0.255 192.168.1.0 0.0.0.64
dialer-list 1 protocol ip permit
banner login ^C

This is a secured device.
Unauthorized use is prohibited by law.

^C
!
line con 0
 transport input none
line 1 48
 autoselect during-login
 autoselect ppp
 modem Dialin
line aux 0
line vty 0 4
!
end
<<<<<<<<<<<<<<<<<<<config file ends
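
Added example, not part of the original post: a Python check of how IOS wildcard masks evaluate the `access-list 101` line above, which is the list that `ip nat inside source list 101` uses to select traffic for translation. The client address 172.22.90.2 is the first address of the posted pool, and 203.0.113.10 is a constructed outside host; the function names are this example's own.

```python
import ipaddress

# Copied from the config in the post above.
ACL_101 = "access-list 101 permit ip 172.22.90.0 0.0.0.255 192.168.1.0 0.0.0.64"

def _u32(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(addr, base, wildcard):
    """IOS wildcard: 0 bits must match the base, 1 bits are ignored."""
    care = ~_u32(wildcard) & 0xFFFFFFFF
    return (_u32(addr) & care) == (_u32(base) & care)

def wildcard_is_contiguous(wildcard):
    """True when the wildcard is an inverted netmask (zeros, then ones)."""
    w = _u32(wildcard)
    return (w & (w + 1)) == 0

def parse_acl_line(line):
    """Parse only 'access-list N permit|deny ip SRC SRCWILD DST DSTWILD'."""
    f = line.split()
    if len(f) != 8 or f[0] != "access-list" or f[3] != "ip":
        raise ValueError("unsupported ACL form: " + line)
    return {"action": f[2], "src": (f[4], f[5]), "dst": (f[6], f[7])}

def acl_permits(entry, src, dst):
    """Single-entry evaluation; a non-match falls through to the implicit deny."""
    hit = wildcard_match(src, *entry["src"]) and wildcard_match(dst, *entry["dst"])
    return hit and entry["action"] == "permit"

def matching_addresses(base, wildcard, network):
    """List the addresses inside `network` that the base/wildcard pair matches."""
    net = ipaddress.IPv4Network(network)
    return [str(a) for a in net if wildcard_match(str(a), base, wildcard)]

if __name__ == "__main__":
    entry = parse_acl_line(ACL_101)
    print("dst wildcard contiguous:", wildcard_is_contiguous(entry["dst"][1]))
    print("dst matches in 192.168.1.0/24:",
          matching_addresses(*entry["dst"], "192.168.1.0/24"))
    # 192.168.1.1 and 192.168.1.6 are from the post; 203.0.113.10 is constructed.
    for dst in ("192.168.1.1", "192.168.1.6", "203.0.113.10"):
        print(dst, "selected for NAT:", acl_permits(entry, "172.22.90.2", dst))
```

Traffic the list does not permit is not selected by the `ip nat inside source list 101` rule and is forwarded with its 172.22.90.x source address unchanged.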


