Solved

cisco 2801 router help (what am i doing wrong?)

Posted on 2010-08-31
14
616 Views
Last Modified: 2012-08-13
Title says it all - I believed I had everything working and boss changed up project.

I'm connecting a clear access adsl modem AG-10 to fa0/0 (outside) static IP *bridge mode*,
connecting fa0/1 (inside) to a PC via small switch.

config is:

Currently there is no route to the internet from the inside connection. This is what I'd like to achieve.

Thanks.
Router#sho conf
Using 753 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 76.BBB.CC.DDD 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Comment
Question by:encoremdj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 2
  • +2
14 Comments
 
LVL 14

Expert Comment

by:anoopkmr
ID: 33570196
if u want internet connection from local lan, try like this .

ip route 0.0.0.0 0.0.0.0 <gateway IP, u can get it from ISP>

access-list 101 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 101 int f0/0 overload

0
 
LVL 20

Expert Comment

by:netcmh
ID: 33570234

ip nat inside source list 1 interface fa0/0 overload

then one line access-list with permissions for Your private networ

access-list 1 permit any any

So any host inside can access any host in Internet

access-list 1 permit 192.168.1.0 0.0.0.255
0
 

Author Comment

by:encoremdj
ID: 33572187
I feel like im getting close...
here is a config snippet, no route currently. Adsl connection directly connected to PC is live (after static IP and dns is entered)

fa0/0 (outside)
fa0/1 (inside)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

 

Author Comment

by:encoremdj
ID: 33572226

Router(config)#access-list 1 permit ip 192.168.1.0.0.0.0.255 any
Translating "ip"...domain server (255.255.255.255)

Translating "ip"...domain server (255.255.255.255)

Open in new window

0
 

Expert Comment

by:jspradley
ID: 33573143
Do  you have a dns server configured on your dhcp server options?  How is your client PC getting IP address?  If you are setting the PC IP address manually what are the settings you are using?

You should try the ping command form the router CLI or a Client PC  to IP address 8.8.8.8 that is google's public dns server.
0
 

Author Comment

by:encoremdj
ID: 33573346
"If you are setting the PC IP address manually what are the settings you are using?"
Yes. My DNS is set manually on the client PC with a vlan ip address (manually assigned)

ie. 192.168.1.2 255.255.255.0 - gateway IP is set to 192.168.1.1 (the fe0/1)
Ive set no DNS on the router just a static ip as seen on the code snippet.
Ive set no ip route (i tried anoopkmr's command and it says its incomplete)
"ip route 76.77.18.X 255.255.255.192" 
I'm not able to ping outside, the router's static ip is the only thing reachable (surprisingly at a 255 ms latency)
0
 
LVL 14

Assisted Solution

by:anoopkmr
anoopkmr earned 100 total points
ID: 33573784
u have to add gw also

ip route 0.0.0.0 0.0.0.0 < gw ip>
0
 

Author Comment

by:encoremdj
ID: 33573843
anoopkmr in getting

Router(config)#ip route 76.77.18.XXX 255.255.255.192
% Incomplete command.


or do you want me to actually use
ip route 0.0.0.0 0.0.0.0
0
 
LVL 6

Accepted Solution

by:
wpharaon earned 300 total points
ID: 33574888
For standard access list, you only provide your source address (without specifiying the protocol)
so it will be:
access-list 1 permit 192.168.1.0.0.0.0.255
the ip route should have the destination, in your case you are giving a default route pointint to that destination, so it has to be:
ip route 0.0.0.0 0.0.0.0 76.77.18.XXX          (The XXX should be replaced by the digit provided by your isp to use as a default gateway)
along the: ip nat inside source list 1 int f0/0 overload
should be a working configuration
0
 
LVL 20

Assisted Solution

by:netcmh
netcmh earned 100 total points
ID: 33576137
ip route 0.0.0.0 0.0.0.0 Fa0/0
0
 

Author Closing Comment

by:encoremdj
ID: 33578520
thanks guys send me your christmas list! ill happily buy ya a beer!
0
 
LVL 20

Expert Comment

by:netcmh
ID: 33578530
Thanks for the grade, bro. I'd like a Notion Ink Adam tablet, please. Oh you said beer, I'll pass.
0
 

Author Comment

by:encoremdj
ID: 33578975
web traffic seems slow any ideas (the solution is working well enough though)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip route 0.0.0.0 0.0.0.0 76.77.18.193
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end
0
 

Author Comment

by:encoremdj
ID: 33579305
nevermind
ip route 0.0.0.0 0.0.0.0 Fa0/0
was causing a loop, removed (no) it works better than fine now thanks again everyone...
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your computer hacked? learn how to detect and delete malware in your PC
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question