Bonjour,
Je me permets de vous demander un coup de main car je bloque sur un truc un peu fou...
Je commence par configure le class vendor :
!
interface GigabitEthernet0/13
description INTERCO-WAN
no switchport
ip dhcp client class-id neufbox_NB6VAC
ip address dhcp
ip nat outside
no cdp enable
no lldp transmit
spanning-tree portfast edge
spanning-tree bpdufilter enable
!
Résultat ca fonctionne, je recupère bien mon IP WAN :
Switch#show interfaces GigabitEthernet 0/13
GigabitEthernet0/13 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is d4ad.71ef.c3c1 (bia d4ad.71ef.c3c1)
Description: INTERCO-WAN
Internet address is 93.4.27.165/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not set
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:03, output 00:00:03, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 2000 bits/sec, 2 packets/sec
926 packets input, 87052 bytes, 0 no buffer
Received 51 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
Ensuite je mets en place mon NAT :
ip nat inside source list 10 interface GigabitEthernet0/13 overload
access-list 10 permit 192.168.1.0 0.0.0.255
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/13 dhcp
Super je commence mes tests de vérification :
Switch#ping 8.8.8.8 source vlan 900
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 7/7/11 msSwitch#show ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 93.4.27.165:1024 192.168.1.1:17 8.8.8.8:17 8.8.8.8:1024
icmp 93.4.27.165:1025 192.168.1.1:18 8.8.8.8:18 8.8.8.8:1025
Cependant le gros souci !! C'est dès que je mets un PC sur un des ports de mon switch qui est dans le vlan 900 (mode access)
Impossible de pinguer sur internet, je ping bien ma passerelle, mon IP publique reçu sur mon interface Gi0/13, mais je ne vais pas plus loin...
C'est totalement incompréhensible.
!
interface Vlan900
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
!
interface GigabitEthernet0/13
description INTERCO-WAN
no switchport
ip dhcp client class-id neufbox_NB6VAC
ip address dhcp
ip nat outside
no cdp enable
no lldp transmit
spanning-tree portfast edge
spanning-tree bpdufilter enable
!
!
interface GigabitEthernet0/2
description Utilisateur
switchport access vlan 900
switchport mode access
spanning-tree portfast edge
!
Switch#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 93.4.27.1 to network 0.0.0.0
S* 0.0.0.0/0 [254/0] via 93.4.27.1
93.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 93.4.27.0/24 is directly connected, GigabitEthernet0/13
L 93.4.27.165/32 is directly connected, GigabitEthernet0/13
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan900
L 192.168.1.1/32 is directly connected, Vlan900
Switch#
Merci d'avance, si vous n'avez ne serait-ce que la moindre idée/piste.
Cisco