jbartosik
asked on
Cisco 2600 as a home DSL router - problems
I'm trying to configure my 2600 as a router for my home LAN to my DSL service provider. After upgrading the IOS I am now able to pickup a DHCP address from my service provider. I can ping from my router and resolve domain names, I can also ping the 2 windows XP PC's on my home LAN. I can't get my PC's to ping past my outside interface on my router however, e0/0. I know that my service provider arn't blocking ICMP because I have asked them, and I can ping from my router. I am sure, that it's something small like NAT or an access list. I have posted one question on this and after much effort we couldn't get it to work.
Please help. The previous question was, it might help you understand what we tried : https://www.experts-exchange.com/questions/20525298/Problems-with-Cisco-2600-router-as-DHCP-router.html
My current router config is:
Current configuration : 1064 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname router
!
enable password 7 094D5B1B100216
!
ip subnet-zero
!
ip domain round-robin
!
no call rsvp-sync
!
interface Ethernet0/0
description outside DHCP DSL interface
mac-address 0002.a560.b487
ip address dhcp
ip access-group 100 in
ip nat outside
no ip mroute-cache
no keepalive
half-duplex
no cdp enable
!
interface Ethernet0/1
description Inside static Interface to my LAN
ip address 192.168.0.254 255.255.255.0
ip nat inside
half-duplex
!
router rip
version 2
passive-interface Ethernet0/0
network 192.168.1.0
no auto-summary
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
ip route 0.0.0.0 255.255.255.0 10.64.0.1 permanent
no ip http server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip any any
!
dial-peer cor custom
!
line con 0
line aux 0
line vty 0 4
password 7 13040200020B05
login
!
end
any help would be appreciated
Please help. The previous question was, it might help you understand what we tried : https://www.experts-exchange.com/questions/20525298/Problems-with-Cisco-2600-router-as-DHCP-router.html
My current router config is:
Current configuration : 1064 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname router
!
enable password 7 094D5B1B100216
!
ip subnet-zero
!
ip domain round-robin
!
no call rsvp-sync
!
interface Ethernet0/0
description outside DHCP DSL interface
mac-address 0002.a560.b487
ip address dhcp
ip access-group 100 in
ip nat outside
no ip mroute-cache
no keepalive
half-duplex
no cdp enable
!
interface Ethernet0/1
description Inside static Interface to my LAN
ip address 192.168.0.254 255.255.255.0
ip nat inside
half-duplex
!
router rip
version 2
passive-interface Ethernet0/0
network 192.168.1.0
no auto-summary
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
ip route 0.0.0.0 255.255.255.0 10.64.0.1 permanent
no ip http server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip any any
!
dial-peer cor custom
!
line con 0
line aux 0
line vty 0 4
password 7 13040200020B05
login
!
end
any help would be appreciated
oops, just noticed this as well...
One would think a simple static default route to E0/0 should suffice.
Where did this idea come from?
router rip
version 2
passive-interface Ethernet0/0
network 192.168.1.0
no auto-summary
One would think a simple static default route to E0/0 should suffice.
Where did this idea come from?
router rip
version 2
passive-interface Ethernet0/0
network 192.168.1.0
no auto-summary
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Chigocan and lrmoore, thanks for your help, as soon as deleted the other stuff and put in access-list 1 permit 192.168.0.0 0.0.0.255 it started to work. We tried all kinds of things in the other question, but that made it work. I will change my subnet as you suggest. Thanks for your help, my working config is now:
Current configuration : 900 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname router
!
enable password 7 094D5B1B100216
!
ip subnet-zero
!
!
ip domain round-robin
!
no call rsvp-sync
!
!
!
interface Ethernet0/0
description outside DHCP DSL interface
mac-address 0002.a560.b487
ip address dhcp
ip access-group 100 in
ip nat outside
no ip mroute-cache
no keepalive
half-duplex
no cdp enable
!
interface Ethernet0/1
description Inside static Interface to my LAN
ip address 192.168.0.254 255.255.255.0
ip nat inside
half-duplex
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
no ip http server
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 permit ip any any
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
password 7 13040200020B05
login
!
end
Current configuration : 900 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname router
!
enable password 7 094D5B1B100216
!
ip subnet-zero
!
!
ip domain round-robin
!
no call rsvp-sync
!
!
!
interface Ethernet0/0
description outside DHCP DSL interface
mac-address 0002.a560.b487
ip address dhcp
ip access-group 100 in
ip nat outside
no ip mroute-cache
no keepalive
half-duplex
no cdp enable
!
interface Ethernet0/1
description Inside static Interface to my LAN
ip address 192.168.0.254 255.255.255.0
ip nat inside
half-duplex
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
no ip http server
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 permit ip any any
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
password 7 13040200020B05
login
!
end
ASKER
Thanks very much for getting this working, fantastic.
You're welcome.
Now, follow the Cisco Router guides here to make it secure:
http://www.nsa.gov/snac/index.html
Now, follow the Cisco Router guides here to make it secure:
http://www.nsa.gov/snac/index.html
What's 10.64.0.1? if you're on DHCP from your ISP you ought to need only
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
Any packet destined for a subnet other than 192.168.0.X will be put on E0/0...