First problem i see is the "ip nat enable" command. I think you should take that out make sure the nvi interface gets deleted, possibly by reloading then try your configuration again.
Ed Vazquez
On Feb 19, 2013, at 21:06, Sam Wadhwa <mladka7_at_gmail.com> wrote:
> Hey guys - can someone help with this? It's a L3 problem and really suspect
> NAT not working here
>
> I've been struggling with some configs on this router I'm setting up for a
> friend and just can't get Internet to work
>
> - Wifi association works fine
> - The router can ping the internet fine and tried with 4.2.2.2
> - Client is getting IP address and gateway info fine
> - Client can ping default gw but not an internet address like 4.2.2.2
> - This router's gateway is 10.5.5.168 and that part of the network is fine
> and tested out
>
>
> jaybuddy#wr t
> Building configuration...
>
> Current configuration : 3157 bytes
> !
> ! Last configuration change at 04:22:07 UTC Fri Mar 1 2002
> version 15.1
> no service pad
> service timestamps debug datetime msec
> service timestamps log datetime msec
> no service password-encryption
> !
> hostname jaybuddy
> !
> boot-start-marker
> boot-end-marker
> !
> !
> enable secret 4 U3m4oAxPL6U2QZg5dXhsBS7y6IpWl4NjAhg1.bHP0Vo
> !
> aaa new-model
> !
> !
> !
> !
> !
> !
> !
> aaa session-id common
> !
> crypto pki token default removal timeout 0
> !
> !
> dot11 syslog
> !
> dot11 ssid GUESTRITS
> vlan 2
> authentication open
> authentication key-management wpa
> guest-mode
> wpa-psk ascii 0 test2231
> !
> dot11 ssid jaybuddy
> vlan 1
> authentication open
> authentication key-management wpa
> wpa-psk ascii 0 test2231
> !
> ip source-route
> !
> !
> ip dhcp excluded-address 192.168.1.1
> ip dhcp excluded-address 192.168.1.254
> !
> ip dhcp pool GUESTRITS
> network 192.168.1.0 255.255.255.0
> default-router 192.168.1.1
> !
> !
> !
> ip cef
> no ip domain lookup
> no ipv6 cef
> !
> multilink bundle-name authenticated
> !
> !
> !
> !
> !
> !
> !
> !
> !
> bridge irb
> !
> !
> !
> interface FastEthernet0
> switchport trunk allowed vlan 1,2,1002-1005
> switchport mode trunk
> no ip address
> !
> interface FastEthernet1
> no ip address
> !
> interface FastEthernet2
> no ip address
> !
> interface FastEthernet3
> no ip address
> !
> interface FastEthernet4
> ip address dhcp
> ip nat outside
> ip virtual-reassembly in
> duplex auto
> speed auto
> !
> interface Dot11Radio0
> no ip address
> !
> encryption vlan 1 mode ciphers tkip
> !
> encryption vlan 2 mode ciphers tkip
> !
> ssid GUESTRITS
> !
> speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
> 48.0 54.0
> station-role root
> !
> interface Dot11Radio0.1
> encapsulation dot1Q 1 native
> bridge-group 1
> bridge-group 1 subscriber-loop-control
> bridge-group 1 spanning-disabled
> bridge-group 1 block-unknown-source
> no bridge-group 1 source-learning
> no bridge-group 1 unicast-flooding
> !
> interface Dot11Radio0.2
> encapsulation dot1Q 2
> bridge-group 2
> bridge-group 2 subscriber-loop-control
> bridge-group 2 spanning-disabled
> bridge-group 2 block-unknown-source
> no bridge-group 2 source-learning
> no bridge-group 2 unicast-flooding
> !
> interface Vlan1
> no ip address
> bridge-group 1
> !
> interface Vlan2
> no ip address
> bridge-group 2
> !
> interface BVI1
> ip address 10.0.0.2 255.255.255.0
> !
> interface BVI2
> ip address 192.168.1.1 255.255.255.0
> ip nat inside
> ip nat enable
> ip virtual-reassembly in
> !
> ip forward-protocol nd
> no ip http server
> no ip http secure-server
> !
> !
> ip nat source list 100 interface FastEthernet4 overload
> !
> access-list 100 permit ip 192.168.1.0 0.0.0.255 any
> !
> !
> !
> !
> !
> !
> !
> control-plane
> !
> bridge 1 protocol ieee
> bridge 1 route ip
> bridge 2 protocol ieee
> bridge 2 route ip
> alias exec si show ip int brief
> alias exec sir show ip route
> alias exec fi show running-config | include
> alias exec fb show running-config | begin
> alias exec sri show run interface
> alias exec sal show access-list
> alias exec sib show ip bgp
> alias exec sio show ip ospf
> alias exec sie show ip eigrp top
> alias exec srm show route-map
> privilege exec all level 5 configure
> privilege exec level 5 reload
> !
> line con 0
> no modem enable
> line aux 0
> line vty 0 4
> transport input all
> !
> scheduler max-task-time 5000
> end
>
> jaybuddy#show ip interface brief
> Interface IP-Address OK? Method Status
> Protocol
> BVI1 10.0.0.2 YES manual up
> up
> BVI2 192.168.1.1 YES manual up
> up
> Dot11Radio0 unassigned YES unset up
> up
> Dot11Radio0.1 unassigned YES unset up
> up
> Dot11Radio0.2 unassigned YES unset up
> up
> FastEthernet0 unassigned YES unset up
> down
> FastEthernet1 unassigned YES unset up
> down
> FastEthernet2 unassigned YES unset up
> down
> FastEthernet3 unassigned YES unset up
> up
> FastEthernet4 10.5.5.106 YES DHCP up
> up
> NVI0 192.168.1.1 YES unset up
> up
> Vlan1 unassigned YES unset up
> up
> Vlan2 unassigned YES unset up
> down
>
>
> jaybuddy# show ip route
> Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
> D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
> N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
> E1 - OSPF external type 1, E2 - OSPF external type 2
> i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
> ia - IS-IS inter area, * - candidate default, U - per-user static
> route
> o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
> + - replicated route, % - next hop override
>
> Gateway of last resort is 10.5.5.168 to network 0.0.0.0
>
> S* 0.0.0.0/0 [254/0] via 10.5.5.168
> 10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
> C 10.0.0.0/24 is directly connected, BVI1
> L 10.0.0.2/32 is directly connected, BVI1
> C 10.5.5.0/24 is directly connected, FastEthernet4
> L 10.5.5.106/32 is directly connected, FastEthernet4
> 192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
> C 192.168.1.0/24 is directly connected, BVI2
> L 192.168.1.1/32 is directly connected, BVI2
>
>
> If anybody can help out, I'll appreciate it
>
> Thanks!
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Feb 19 2013 - 21:31:27 ART
This archive was generated by hypermail 2.2.0 : Fri Mar 01 2013 - 07:57:58 ART