Unrestricted APN Needed ?

Traceroute

As requested -- ...........
Code:
Fangorn#traceroute 8.8.8.8

Type escape sequence to abort.
Tracing the route to
*Jul 23 13:05:25.661 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.3 -> 196.207.35.29, 1 packet
*Jul 23 13:05:27.853 SAST: %LINK-3-UPDOWN: Interface Cellular0/0/0, changed state to up
*Jul 23 13:05:27.853 SAST: %DIALER-6-BIND: Interface Ce0/0/0 bound to profile Di0
*Jul 23 13:05:27.917 SAST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Cellular0/0/0, changed state to up
*Jul 23 13:05:31.661 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.12.2.129 -> 196.207.35.29, 1 packet
*Jul 23 13:05:34.661 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.12.2.129 -> 196.207.35.30, 1 packet  8.8.8.8

  1
*Jul 23 13:05:43.661 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.12.2.129 -> 8.8.8.8, 1 packet   *  *  *
  2  *  *  *
  3  *  *  *
  4  *  *  *
  5  *  *  *
  6  *

*Jul 23 13:06:31.781 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 217.163.45.253 -> 41.12.2.129, 1 packet  te-9-2.car5.London1.Level3.net (217.163.45.253) 312 msec 608 msec
  7 ae-11-51.car1.London1.Level3.net (4.69.139.66) 276 msec 300 msec 280 msec
  8
*Jul 23 13:06:32.981 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 196.207.35.29 -> 41.12.2.129, 1 packet  195.50.118.210 372 msec 276 msec 268 msec
  9
*Jul 23 13:06:35.189 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 195.50.118.210 -> 41.12.2.129, 1 packet  209.85.255.76 280 msec 312 msec 520 msec
 10
*Jul 23 13:06:36.541 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 209.85.255.76 -> 41.12.2.129, 1 packet  209.85.253.94 [MPLS: Label 307850 Exp 4] 300 msec
    209.85.253.196 [MPLS: Label 796428 Exp 4] 300 msec

*Jul 23 13:06:38.273 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 209.85.253.94 -> 41.12.2.129, 1 packet  209.85.253.90 [MPLS: Label 771740 Exp 4] 300 msec
 11
*Jul 23 13:06:39.913 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 209.85.253.90 -> 41.12.2.129, 1 packet  66.249.95.173 [MPLS: Label 572349 Exp 4] 328 msec
    72.14.232.134 [MPLS: Label 497875 Exp 4] 620 msec
    66.249.95.173 [MPLS: Label 598381 Exp 4] 300 msec
 12
*Jul 23 13:06:41.761 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 72.14.232.134 -> 41.12.2.129, 1 packet  209.85.251.231 280 msec 288 msec 280 msec
 13
*Jul 23 13:06:43.001 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 209.85.251.231 -> 41.12.2.129, 1 packet   *  *  *
 14  *  *  *
 15  *  *  *
 16  *  *  *
 17  *  *  *
 18  *  *  *
 19  *  *  *
 20  *
Should be able to work out something from those MPLS labels -- should I go look them up now ????

LONDON again -- got to be those DAMN Olympics :D
 
Sheesh, you like to overcomplicate things! ;)

MPLS labels aren't relevant.

debug ip nat :P
 
TWO

Nope. Never ever seen an interface needing two IPs before.
Do me a favour - take the hardcoded ip route 0.0.0.0 out of your config and let the router do the routing itself?
It might be that you need the next hop to be the PPP peer rather than your own interface.
There are TWO interfaces -- FA0/0 & Dialer0 // Dialer0 is the gateway FA0/0 is the Interface

OK

0.0.0.0 0.0.0.0 is the IP as well as the mask
So what do you want me to make the IP route statement ?

WHICH ip nat debug ?

Fangorn#debug ip nat ?
  <1-99>     Access list
  cce        NAT-CCE support events
  detailed   NAT detailed events
  fragment   NAT fragment events
  generic    NAT generic ALG handler events
  h323       NAT H.323 events
  ipsec      NAT IPSec events
  multipart  NAT Multipart support events
  nvi        NVI events
  piggyback  NAT Piggyback support events
  port       NAT PORT events
  pptp       NAT PPTP events
  route      NAT Static route events
  sbc        NAT SIP Session Border Controller events
  sip        NAT SIP events
  skinny     NAT skinny events
  vrf        NAT VRF events
  wlan-nat   WLAN NAT events
  <cr>
==============
Unless you are trying to tell me that NAT cannot have an access-list above 99 ??????
You can have named NAT access-lists using route-maps !
 
take it out totally.

FA0/0 is your INTERNAL interface. Your ethernet interface. That must have an address in your private space - which it does.
Di0 is also an interface - it gets the public IP address, and establishes a point-to-point link with the PPP server at the other end.
 
Interfaces

Let me belabour my point / observation
This from an ADSL router
Code:
Erebor#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

C    192.168.30.0/24 is directly connected, Vlan6
C    192.168.10.0/24 is directly connected, Vlan2
C    192.168.20.0/24 is directly connected, Vlan4
     41.0.0.0/32 is subnetted, 4 subnets
C       41.185.170.1 is directly connected, Dialer1
C       41.146.12.231 is directly connected, Dialer2
C       41.185.170.76 is directly connected, Dialer1
C       41.146.0.1 is directly connected, Dialer2
S*   0.0.0.0/0 is directly connected, Dialer1
               is directly connected, Dialer2
Erebor#
WHAT does this indicate ??????

C 41.185.170.1 is directly connected, Dialer1
C 41.146.12.231 is directly connected, Dialer2
C 41.185.170.76 is directly connected, Dialer1
C 41.146.0.1 is directly connected, Dialer2

WOULD you say that that was ONE or TWO public IP addresses ?

One the gateway is GIVEN by ppp ( in this case I assume the interface of the ISP equipment you are attaching to which is actually going to route you )
One you set ( the INSIDE interface ) which is natted to show here a public IP address

When I say TWO I am including the gateway address

So possibly I am being given an INTERFACE address by Bra Voda but NOT a WORKING router GATEWAY address ???

Either way without BOTH // NOTHING is going to happen !
 
*sigh*

You have two ADSL accounts running on that line. Dialer1 and Dialer2 are connected simultaneously.

Oh I see what you are saying... the second address on each dialer interface you are seeing is the subnet of the ppp connection. Not relevant here.
 
PROVE ME WRONG !

take it out totally.
OK
=============
Fangorn(config)#no ip route 0.0.0.0 0.0.0.0 Dialer0
Fangorn(config)#exit
Fangorn#
*Jul 23 13:54:27.089 SAST: %SYS-5-CONFIG_I: Configured from console by Root on console
Fangorn#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

41.0.0.0/32 is subnetted, 1 subnets
C 41.9.168.120 is directly connected, Dialer0
192.168.40.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.40.0/24 is directly connected, FastEthernet0/0
L 192.168.40.3/32 is directly connected, FastEthernet0/0
Fangorn#
=================

All it does is take away the Gateway of last resort ......... ( blah )

41.9.168.120 looks to me very much like an INTERFACE address rather than a GATEWAY address ( that can be routed from )

PLEASE Bra VODA prove me wrong -- your "internet" APN is a dog's breakfast !!!!! :(

( Actually I am betting that for some at that palace in Midrand this could be a five star Cordon Bleu feast :D )
 
There is ZERO difference between a PAT setup and a single PC accessing the internet, from the ISP's point of view.

debug ip nat please. :P
 
Relevance !

Oh I see what you are saying... the second address on each dialer interface you are seeing is the subnet of the ppp connection.
Not relevant here.
*sigh*

WHY -- how can it NOT be relevant ????
 
Routing .........

There is ZERO difference between a PAT setup and a single PC accessing the internet, from the ISP's point of view.
debug ip nat please. :P

I agree -- PAT nats a whole subnet behind ONE valid public IP

BUT we need a valid next hop router address that is on the internet

WHICH nat debug option & what are you hoping to see ?

Happy to run ip nat debug when you tell me which one ?

WHAT is my next hop from the dialer 0 interface ( to the ISP ) and is it a public or private address ?

Will / can I be routed from that next hop address ?

WHICH IP is going to be natted ? ( HOPEFULLY NOT the gateway address ? )
 
Just type debug ip nat

then try and access some stuff from the internal network, then show log

Next hop should automatically be handled by the ppp stuff - next hop will be an access router on their side. Whether it's public or private isn't relevant.
You should be natted behind the IP address of your dialer0 interface.
 
Different

Because ADSL is a different technology to 3G?
debug ip nat please.
This is what a connection to 8ta looks like ( from a single PC )
Code:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\>route print

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10004 ...00 21 70 81 b9 d4 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
0x10005 ...00 1a 6b 3e a3 00 ...... Bluetooth Personal Area Network - Packet Scheduler Miniport
0x20006 ...02 80 37 ec 02 00 ...... Dell Wireless 5530 HSPA Mobile Broadband Minicard NetworkAdapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   41.150.209.251   41.150.209.249     30
   41.150.209.248  255.255.255.248   41.150.209.249   41.150.209.249     30
   41.150.209.249  255.255.255.255        127.0.0.1        127.0.0.1     30
   41.255.255.255  255.255.255.255   41.150.209.249   41.150.209.249     30
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
        224.0.0.0        240.0.0.0   41.150.209.249   41.150.209.249     30
  255.255.255.255  255.255.255.255   41.150.209.249   41.150.209.249      1
  255.255.255.255  255.255.255.255   41.150.209.249            10005      1
  255.255.255.255  255.255.255.255   41.150.209.249            10004      1
Default Gateway:    41.150.209.251
===========================================================================
Persistent Routes:
  None


Ethernet adapter Dell-5530-HSPA:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 5530 HSPA Mobile Broadband Minicard NetworkAdapter
   Physical Address. . . . . . . . . : 02-80-37-EC-02-00
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 41.150.209.249
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   Default Gateway . . . . . . . . . : 41.150.209.251
   DHCP Server . . . . . . . . . . . : 41.150.209.250
   DNS Servers . . . . . . . . . . . : 196.43.53.190
                                       196.43.54.190
   NetBIOS over Tcpip. . . . . . . . : Disabled
   Lease Obtained. . . . . . . . . . : 22 July 2012 23:14:PM
   Lease Expires . . . . . . . . . . : 22 July 2012 23:19:PM


IP Address. . . . . . . . . . . . : 41.150.209.249
Subnet Mask . . . . . . . . . . . : 255.255.255.248
Default Gateway . . . . . . . . . : 41.150.209.251
DHCP Server . . . . . . . . . . . : 41.150.209.250
DNS Servers . . . . . . . . . . . : 196.43.53.190
196.43.54.190

Can you see that there is an INTERFACE address that is DIFFERENT to the GATEWAY address

HOW is this so different to the previous ADSL print out ? Is .248 not /32 ?
 
Gateway is the ppp peer. It's on their side.
The Interface address is YOUR ROUTER's dialer0 address in this case... and natting would happen behind THAT address.
And no. .248 is NOT /32...
.248 subnet mask is a /29 which is a strange way to configure a point-to-point interface, but hey.
 
I agree -- PAT nats a whole subnet behind ONE valid public IP

BUT we need a valid next hop router address that is on the internet
No you don't. It is perfectly fine to have an interface defined as your next hop if you are using a point-to-point style connection like PPP.
WHAT is my next hop from the dialer 0 interface ( to the ISP ) and is it a public or private address ?

Will / can I be routed from that next hop address ?
Irrelevant. As per your traceroute, the packets make it out to the Internet and they also make it back to you. Nothing is broken on Vodacom's network. It's the config on your router that is broken.
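
The traceroute capture earlier in the thread mixes %SEC-6-IPACCESSLOGNP messages with the traceroute output. As an added example (not part of any post in this thread), this Python sketch separates the two and counts the logged packets by direction; it assumes 41.12.2.129 was the Dialer0 address during that capture and that the number after permitted/denied is the protocol field.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Lines copied from the router console capture posted earlier in this thread:
# syslog messages share lines with the traceroute output.
CAPTURE = """\
*Jul 23 13:05:25.661 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 192.168.40.3 -> 196.207.35.29, 1 packet
*Jul 23 13:05:31.661 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.12.2.129 -> 196.207.35.29, 1 packet
*Jul 23 13:05:43.661 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 41.12.2.129 -> 8.8.8.8, 1 packet   *  *  *
*Jul 23 13:06:31.781 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 217.163.45.253 -> 41.12.2.129, 1 packet  te-9-2.car5.London1.Level3.net (217.163.45.253) 312 msec 608 msec
  7 ae-11-51.car1.London1.Level3.net (4.69.139.66) 276 msec 300 msec 280 msec
*Jul 23 13:06:32.981 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 196.207.35.29 -> 41.12.2.129, 1 packet  195.50.118.210 372 msec 276 msec 268 msec
*Jul 23 13:06:43.001 SAST: %SEC-6-IPACCESSLOGNP: list 1 permitted 0 209.85.251.231 -> 41.12.2.129, 1 packet   *  *  *
"""

WAN_IP = "41.12.2.129"       # assumption: Dialer0 address during this capture
LAN_NET = "192.168.40.0/24"  # inside network, from the thread's "sh ip route"

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
LOG_RE = re.compile(
    r"(?P<ts>\w{3} +\d+ [\d:.]+ \w+): %SEC-6-IPACCESSLOGNP: "
    r"list (?P<acl>\S+) (?P<action>permitted|denied) (?P<proto>\d+) "
    rf"(?P<src>{IPV4}) -> (?P<dst>{IPV4}), (?P<count>\d+) packets?(?P<tail>.*)$"
)


def split_capture(text):
    """Return (events, output): parsed ACL log hits, and the command output
    that was printed on the same or neighbouring lines."""
    events, output = [], []
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if m is None:
            if line.strip():
                output.append(line.strip())
            continue
        event = m.groupdict()
        tail = event.pop("tail").strip()   # traceroute text after the log entry
        event["count"] = int(event["count"])
        events.append(event)
        if tail:
            output.append(tail)
    return events, output


def direction(event, wan_ip=WAN_IP, lan_net=LAN_NET):
    """Classify one logged packet relative to the WAN address."""
    src, dst = ip_address(event["src"]), ip_address(event["dst"])
    if src in ip_network(lan_net):
        return "lan_sourced"
    if src == ip_address(wan_ip):
        return "outbound_from_wan"
    if dst == ip_address(wan_ip):
        return "inbound_to_wan"
    return "other"


def summarize(text):
    """Count logged packets per direction and return the recovered output."""
    events, output = split_capture(text)
    tally = Counter()
    for e in events:
        tally[direction(e)] += e["count"]
    return tally, output


if __name__ == "__main__":
    tally, output = summarize(CAPTURE)
    for label, packets in sorted(tally.items()):
        print(f"{label:20} {packets}")
    print("traceroute output recovered:")
    for line in output:
        print("  " + line)
```
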
 
Broken ?

No you don't. It is perfectly fine to have an interface defined as your next hop if you are using a point-to-point style connection like PPP.
Irrelevant.
As per your traceroute, the packets make it out to the Internet and they also make it back to you.
Nothing is broken on Vodacom's network.
It's the config on your router that is broken.
It is ONLY the router's dialer0 packets that are making it back out and in
FA0/0 needs to be natted to make it out and back in -- this is not happening
It would appear that the public address given to the Dialer0 interface is an already natted address ?

The gateway needs to have a public IP address ( in order for traffic to go out on the internet )
The FA0/0 interface also needs to have a public address for the LAN traffic to get out onto the internet
These IPs need to be natted (192.168.40.0)

I understand the search is then on for why the FA0/0 IP is not being natted ?

See other post to Sinbad
 
So then, where's the output of debug ip nat?

You've made some changes... please post the sections from your running conf pertaining to:
cellular0
fa0
fa1
di0
and your access lists...
 
Tea Time

Just type debug ip nat
then try and access some stuff from the internal network, then show log
Next hop should automatically be handled by the ppp stuff - next hop will be an access router on their side.
Whether it's public or private isn't relevant.
You should be natted behind the IP address of your dialer0 interface.
OK
Fangorn#sh debug
Generic IP:
IP NAT debugging is on
IP NAT detailed debugging is on

From the console
I can ping the PC address 192.168.40.26 --> ok
I can ping the Router FA0/0 address 192.168.40.3 --> ok
I can ping the public address allocated to Dialer 0 --> ok

From the Router ( console cable ) I can ping
the PC --> ok
the dialer interface -->ok
the assigned IP --> ok

So between the router and the PC ALL pings are successful

However there is NOTHING coming up on the NAT

This is what NAT debug is showing in the logs
Code:
Fangorn#
*Jul 23 15:09:25.657 SAST: NAT: IP address has changed on interface Dialer0 : 0.0.0.0
*Jul 23 15:09:25.657 SAST: NAT: IP address has changed on interface Dialer0 : 41.12.64.48
*Jul 23 15:09:25.661 SAST: NAT: creating portlist proto 6 globaladdr 41.12.64.48

Should 0.0.0.0 be being NATTED ?
Surely this should be an IP on a router already in public format ?
IF dialer one is being natted from 0.0.0.0 then I guess FA0/0 is not going to be natted ?

I just cannot see any other reason for FA0/0 not being natted ?


As for the config being broken -- I will pass that on to Cisco as it is THEIR example !
 
traceroute from the pc to an internet address?
 
No Joy

traceroute from the pc to an internet address?
As requested


C:\>tracert 196.43.9.21

Tracing route to 196.43.9.21 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms 192.168.40.1
2 * * * Request timed out.
3 * ^C
C:\>
==========

I changed the FA0/0 address just to make typing a bit easier :)

The first bit at least looks correct but the rest is NOT happening

NO connection / throughput from the LAN side

WAN works -- but that is not a PC :cry:
 