Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

cisco 2801 router help (what am i doing wrong?)

Posted on 2010-08-31
14
Medium Priority
?
618 Views
Last Modified: 2012-08-13
Title says it all - I believed I had everything working and boss changed up project.

I'm connecting a clear access adsl modem AG-10 to fa0/0 (outside) static IP *bridge mode*,
connecting fa0/1 (inside) to a PC via small switch.

config is:

Currently there is no route to the internet from the inside connection. This is what I'd like to achieve.

Thanks.
Router#sho conf
Using 753 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 76.BBB.CC.DDD 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Comment
Question by:encoremdj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 2
  • +2
14 Comments
 
LVL 14

Expert Comment

by:anoopkmr
ID: 33570196
if u want internet connection from local lan, try like this .

ip route 0.0.0.0 0.0.0.0 <gateway IP, u can get it from ISP>

access-list 101 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 101 int f0/0 overload

0
 
LVL 21

Expert Comment

by:netcmh
ID: 33570234

ip nat inside source list 1 interface fa0/0 overload

then one line access-list with permissions for Your private networ

access-list 1 permit any any

So any host inside can access any host in Internet

access-list 1 permit 192.168.1.0 0.0.0.255
0
 

Author Comment

by:encoremdj
ID: 33572187
I feel like im getting close...
here is a config snippet, no route currently. Adsl connection directly connected to PC is live (after static IP and dns is entered)

fa0/0 (outside)
fa0/1 (inside)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:encoremdj
ID: 33572226

Router(config)#access-list 1 permit ip 192.168.1.0.0.0.0.255 any
Translating "ip"...domain server (255.255.255.255)

Translating "ip"...domain server (255.255.255.255)

Open in new window

0
 

Expert Comment

by:jspradley
ID: 33573143
Do  you have a dns server configured on your dhcp server options?  How is your client PC getting IP address?  If you are setting the PC IP address manually what are the settings you are using?

You should try the ping command form the router CLI or a Client PC  to IP address 8.8.8.8 that is google's public dns server.
0
 

Author Comment

by:encoremdj
ID: 33573346
"If you are setting the PC IP address manually what are the settings you are using?"
Yes. My DNS is set manually on the client PC with a vlan ip address (manually assigned)

ie. 192.168.1.2 255.255.255.0 - gateway IP is set to 192.168.1.1 (the fe0/1)
Ive set no DNS on the router just a static ip as seen on the code snippet.
Ive set no ip route (i tried anoopkmr's command and it says its incomplete)
"ip route 76.77.18.X 255.255.255.192" 
I'm not able to ping outside, the router's static ip is the only thing reachable (surprisingly at a 255 ms latency)
0
 
LVL 14

Assisted Solution

by:anoopkmr
anoopkmr earned 400 total points
ID: 33573784
u have to add gw also

ip route 0.0.0.0 0.0.0.0 < gw ip>
0
 

Author Comment

by:encoremdj
ID: 33573843
anoopkmr in getting

Router(config)#ip route 76.77.18.XXX 255.255.255.192
% Incomplete command.


or do you want me to actually use
ip route 0.0.0.0 0.0.0.0
0
 
LVL 6

Accepted Solution

by:
Wissam earned 1200 total points
ID: 33574888
For standard access list, you only provide your source address (without specifiying the protocol)
so it will be:
access-list 1 permit 192.168.1.0.0.0.0.255
the ip route should have the destination, in your case you are giving a default route pointint to that destination, so it has to be:
ip route 0.0.0.0 0.0.0.0 76.77.18.XXX          (The XXX should be replaced by the digit provided by your isp to use as a default gateway)
along the: ip nat inside source list 1 int f0/0 overload
should be a working configuration
0
 
LVL 21

Assisted Solution

by:netcmh
netcmh earned 400 total points
ID: 33576137
ip route 0.0.0.0 0.0.0.0 Fa0/0
0
 

Author Closing Comment

by:encoremdj
ID: 33578520
thanks guys send me your christmas list! ill happily buy ya a beer!
0
 
LVL 21

Expert Comment

by:netcmh
ID: 33578530
Thanks for the grade, bro. I'd like a Notion Ink Adam tablet, please. Oh you said beer, I'll pass.
0
 

Author Comment

by:encoremdj
ID: 33578975
web traffic seems slow any ideas (the solution is working well enough though)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip route 0.0.0.0 0.0.0.0 76.77.18.193
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end
0
 

Author Comment

by:encoremdj
ID: 33579305
nevermind
ip route 0.0.0.0 0.0.0.0 Fa0/0
was causing a loop, removed (no) it works better than fine now thanks again everyone...
0

Featured Post

Protect Your Retail Business and Reputation

Wi-Fi access doesn't just impact your business & customer experience, it can also affect your security.  Join us for an informative webinar to learn more about the top threats and trends impacting retail today, and the key solutions to protecting retail networks and reputations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question