Hi all,
Trying to get NAT up and running properly on my 1841 router. It seemed to work fine for 80% of websites out there. For some pages, browser will refuse to load saying it cannot be displayed. On some sites if you refresh it, then it'll load properly, on others no matter how much you refresh it, it still won't load. Then on some pages, it'll load the text / link only portion of the page with no graphics.
Pages that I've noticed with problems so far are Symantec, Microsoft, VMware & Hotmail.
This is very strange and if anyone has any hints as to what's going on or guidelines for troubleshooting it'll be much appreciated. Posted the most basic version of the config I have that still doesn't work.
Thanks heaps in advnace!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
enable secret 5 ****
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
vpdn enable
!
!
!
crypto pki trustpoint TP-self-signed-1122731203
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1122731203
revocation-check none
rsakeypair TP-self-signed-1122731203
!
!
crypto pki certificate chain TP-self-signed-1122731203
certificate self-signed 01 nvram:IOS-Self-Sig#3302.cer
!
!
!
!
!
interface FastEthernet0/0
description Trunk to Switch
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.110
encapsulation dot1Q 110
ip address 172.16.30.2 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
no snmp trap link-status
!
interface FastEthernet0/0.120
encapsulation dot1Q 120
ip address 172.16.40.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
no snmp trap link-status
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/0/0.1 point-to-point
no snmp trap link-status
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname ****
ppp chap password 7 ****
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
ip http server
ip http access-class 50
ip http secure-server
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 172.16.30.0 0.0.0.255
access-list 1 permit 172.16.40.0 0.0.0.255
access-list 50 permit 172.16.30.0 0.0.0.255
!
!
!
!
control-plane
!
banner motd
If you are not authorised user in the network, then you must disconnect immediately.
!
line con 0
exec-timeout 0 0
password 7 ****
logging synchronous
login
line aux 0
password 7 ****
login
line vty 0 4
access-class 50 in
password 7 ****
login
line vty 5 807
access-class 50 in
password 7 ****
login
!
scheduler allocate 20000 1000
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
Trying to get NAT up and running properly on my 1841 router. It seemed to work fine for 80% of websites out there. For some pages, browser will refuse to load saying it cannot be displayed. On some sites if you refresh it, then it'll load properly, on others no matter how much you refresh it, it still won't load. Then on some pages, it'll load the text / link only portion of the page with no graphics.
Pages that I've noticed with problems so far are Symantec, Microsoft, VMware & Hotmail.
This is very strange and if anyone has any hints as to what's going on or guidelines for troubleshooting it'll be much appreciated. Posted the most basic version of the config I have that still doesn't work.
Thanks heaps in advnace!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
enable secret 5 ****
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
vpdn enable
!
!
!
crypto pki trustpoint TP-self-signed-1122731203
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1122731203
revocation-check none
rsakeypair TP-self-signed-1122731203
!
!
crypto pki certificate chain TP-self-signed-1122731203
certificate self-signed 01 nvram:IOS-Self-Sig#3302.cer
!
!
!
!
!
interface FastEthernet0/0
description Trunk to Switch
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.110
encapsulation dot1Q 110
ip address 172.16.30.2 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
no snmp trap link-status
!
interface FastEthernet0/0.120
encapsulation dot1Q 120
ip address 172.16.40.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
no snmp trap link-status
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/0/0.1 point-to-point
no snmp trap link-status
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname ****
ppp chap password 7 ****
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
ip http server
ip http access-class 50
ip http secure-server
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 permit 172.16.30.0 0.0.0.255
access-list 1 permit 172.16.40.0 0.0.0.255
access-list 50 permit 172.16.30.0 0.0.0.255
!
!
!
!
control-plane
!
banner motd
If you are not authorised user in the network, then you must disconnect immediately.
!
line con 0
exec-timeout 0 0
password 7 ****
logging synchronous
login
line aux 0
password 7 ****
login
line vty 0 4
access-class 50 in
password 7 ****
login
line vty 5 807
access-class 50 in
password 7 ****
login
!
scheduler allocate 20000 1000
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end