?
Solved

Cisco 4500M router as gateway and nat behind Cable modem

Posted on 2003-03-22
14
Medium Priority
?
558 Views
Last Modified: 2008-02-01
Hi guys.  I am stumped here.  Anyone one of you guys have problem setting up connection using Windows XP Pro through Cisco router?  I got Cisco 4500M which has two ethernet port acting as gateway&nat behind cable modem.  I have tried everything.  I can ping the address of my pc and the default gateway, so I know I have configure everything fine on the gateway router.  However, where I tried to ping the "default gateway", it's not working.  I have tried this setup before which I had no problem with my previous Window system(Win 2000 Pro).  I have set my computer's ip address 10.10.10.2, 255.255.255.0 default gateway, 10.10.10.1 The following is my Cisco 4500 configuration:

Current configuration : 1127 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 4500M
!
enable secret 5 $1$Epv.$C.MVSVnpvRVNFy4vANrZF1
enable password 462330
!
ip subnet-zero
ip name-server 24.70.xx.xxx
ip name-server 24.70.xx.xxx
!
ip ssh time-out 120
ip ssh authentication-retries 3
interface Ethernet0
 mac-address xxxx.XXXx.xxxx
 description direct connection to cable modem
 ip address 24.86.X.X 255.255.252.0
 ip nat outside
 no ip route-cache
 no ip mroute-cache
 media-type 10BaseT
 no cdp enable
!
interface Ethernet1
 description direct connection to the switch
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 no ip route-cache
 no ip mroute-cache
 media-type 10BaseT
!
interface Serial0
 no ip address
 shutdown
!
interface Serial1
 no ip address
 shutdown
interface Serial2
 no ip address
 shutdown
!
interface Serial3
 no ip address
 shutdown
!
!
ip nat inside source list 102 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 24.86.X.X
ip http server
ip pim bidir-enable
!
!
!!
!
access-list 102 permit ip 10.10.10.0 0.0.0.25 any
!
!
line con 0
 password 462330
line aux 0
line vty 0 4
 password xxxxxx
 login
!
end
0
Comment
Question by:mlien
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
14 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 8189818
>access-list 102 permit ip 10.10.10.0 0.0.0.25 any

Is the above a typo?
I would expect to see
access-list 102 permit ip 10.10.10.0 0.0.0.255 any

>ip route 0.0.0.0 0.0.0.0 24.86.X.X
Is this the upstream IP address, or the IP address of your own Ethernet port?

I'm confused with these two statements:
>I can ping the address of my pc and the default gateway, so I know I have configure everything fine on the gateway router.  >However, where I tried to ping the "default gateway", it's not working.  

From those statements I gather that from your PC you can ping 10.10.10.1, but not the router's gateway of 24.86.x.x?
Can you ping your router's own Ethernet0 address 24.86.x.x?
Can you capture output of "show interface ether 0"
Are you sure the subnet mask is correct on the Ether0 interface?
0
 

Author Comment

by:mlien
ID: 8190734
Hi,

Sorry about the confusion.  The 0.0.0.25 is a typo there, it shall be 0.0.0.255.  The 24.86.X.1 is my ISP's default gateway.  The 24.86.x.21 is my address given by my ISP.  The problem is I can ping the ethernet address from my Windows XP computer but not the default gateway address. The subnet mask is also given by my ISP.

Ethernet0 is up, line protocol is up
  Hardware is Lance, address is 0020.5aba.0f27 (bia 00e0.1eaf.60f9)
  Internet address is 24.86.220.181/22
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 166/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output 00:00:05, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 input packets with dribble condition detected
     54 packets output, 3257 bytes, 0 underruns
     54 output errors, 0 collisions, 14 interface resets
     0 babbles, 0 late collision, 0 deferred
     54 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 750 total points
ID: 8191302
>54 packets output, 3257 bytes, 0 underruns
    54 output errors, 0 collisions, 14 interface resets
    54 lost carrier,
your output errors is equal to your packet output. This is an indication of some error condition. Check the cable. Using a Tranceiver?

>The 24.86.x.21 is my address given by ISP
But you have something different on your Ethernet port:
>Ethernet0 is up, line protocol is up
  Internet address is 24.86.220.181/22

.21 is reachable now. .181 is not
Which one are you trying to use?

Note: once we get you working, you can post a question in Community Support for a moderator to edit these posts to take out the real IP addresses..
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:mlien
ID: 8191653
.181 is the I am using for my IP address. .21 is default gateway.  Sorry about the confusion.   Now, I can ping anywhere, but I can't still access to internet.  
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8191700
What are you using as DNS server configuration on your clients?

Can you post output of C:\>ipconfig /all

look at the nameservers, try to ping that iP address.
0
 

Author Comment

by:mlien
ID: 8191903
I can also ping the Nameservers.  Which is very odd, because if I can ping the default gateway and DNS server.  I can get the connection.  But, which is not in this case. The two DNS address I use are alos provide by my IPS.  I can ping every where inside the network I create, but not going out.  May be I am not configure my NAT statement correctly, don't you think?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8191928
Are you still seeing the output errors on the interface?
0
 

Author Comment

by:mlien
ID: 8192022
my "Show interface ethernet1" output
Hardware is Lance, address is 00e0.b05a.f406 (bia 00e0.b05a.f406)
  Internet address is 10.10.10.2/24
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 205/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:02, output 00:00:02, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     582 packets input, 56426 bytes, 0 no buffer
     Received 188 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 input packets with dribble condition detected
     2443 packets output, 179392 bytes, 0 underruns
     1380 output errors, 0 collisions, 16 interface resets
     0 babbles, 0 late collision, 0 deferred
     1380 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
0
 

Author Comment

by:mlien
ID: 8192031
my "Show interface ethernet1" output
Hardware is Lance, address is 00e0.b05a.f406 (bia 00e0.b05a.f406)
  Internet address is 10.10.10.2/24
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 205/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:02, output 00:00:02, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     582 packets input, 56426 bytes, 0 no buffer
     Received 188 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 input packets with dribble condition detected
     2443 packets output, 179392 bytes, 0 underruns
     1380 output errors, 0 collisions, 16 interface resets
     0 babbles, 0 late collision, 0 deferred
     1380 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8192039
2443 packets output, 179392 bytes, 0 underruns
    1380 output errors, 0 collisions, 16 interface resets
    0 babbles, 0 late collision, 0 deferred
    1380 lost carrier, 0 no carrier
    0 output buffer failures, 0 output buffers swapped out

With all these errors, you still have some other condition between your router and the modem that is preventing communications.
0
 

Author Comment

by:mlien
ID: 8192084
Okay.  what's your suggestion?
0
 

Author Comment

by:mlien
ID: 8192145
Okay.  what's your suggestion?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8192166
Check the cable, replace it if you can... are you using a tranceiver to AUI port, or straight to an RJ45 port?
You could have a bad Ethernet port
0
 

Author Comment

by:mlien
ID: 8230135
Hi, I check the cable.  And I don't think it's the problem with ethenet.  Instead of fixing the problem, I am planning to the following, two 2501 routers connected back-to-back to cable modem.  Is this possible?  Have anyone try it before?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question