Solved

cisco 2801 router help (what am i doing wrong?)

Posted on 2010-08-31
14
614 Views
Last Modified: 2012-08-13
Title says it all - I believed I had everything working and boss changed up project.

I'm connecting a clear access adsl modem AG-10 to fa0/0 (outside) static IP *bridge mode*,
connecting fa0/1 (inside) to a PC via small switch.

config is:

Currently there is no route to the internet from the inside connection. This is what I'd like to achieve.

Thanks.
Router#sho conf
Using 753 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 76.BBB.CC.DDD 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Comment
Question by:encoremdj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 2
  • +2
14 Comments
 
LVL 14

Expert Comment

by:anoopkmr
ID: 33570196
if u want internet connection from local lan, try like this .

ip route 0.0.0.0 0.0.0.0 <gateway IP, u can get it from ISP>

access-list 101 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 101 int f0/0 overload

0
 
LVL 20

Expert Comment

by:netcmh
ID: 33570234

ip nat inside source list 1 interface fa0/0 overload

then one line access-list with permissions for Your private networ

access-list 1 permit any any

So any host inside can access any host in Internet

access-list 1 permit 192.168.1.0 0.0.0.255
0
 

Author Comment

by:encoremdj
ID: 33572187
I feel like im getting close...
here is a config snippet, no route currently. Adsl connection directly connected to PC is live (after static IP and dns is entered)

fa0/0 (outside)
fa0/1 (inside)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:encoremdj
ID: 33572226

Router(config)#access-list 1 permit ip 192.168.1.0.0.0.0.255 any
Translating "ip"...domain server (255.255.255.255)

Translating "ip"...domain server (255.255.255.255)

Open in new window

0
 

Expert Comment

by:jspradley
ID: 33573143
Do  you have a dns server configured on your dhcp server options?  How is your client PC getting IP address?  If you are setting the PC IP address manually what are the settings you are using?

You should try the ping command form the router CLI or a Client PC  to IP address 8.8.8.8 that is google's public dns server.
0
 

Author Comment

by:encoremdj
ID: 33573346
"If you are setting the PC IP address manually what are the settings you are using?"
Yes. My DNS is set manually on the client PC with a vlan ip address (manually assigned)

ie. 192.168.1.2 255.255.255.0 - gateway IP is set to 192.168.1.1 (the fe0/1)
Ive set no DNS on the router just a static ip as seen on the code snippet.
Ive set no ip route (i tried anoopkmr's command and it says its incomplete)
"ip route 76.77.18.X 255.255.255.192" 
I'm not able to ping outside, the router's static ip is the only thing reachable (surprisingly at a 255 ms latency)
0
 
LVL 14

Assisted Solution

by:anoopkmr
anoopkmr earned 100 total points
ID: 33573784
u have to add gw also

ip route 0.0.0.0 0.0.0.0 < gw ip>
0
 

Author Comment

by:encoremdj
ID: 33573843
anoopkmr in getting

Router(config)#ip route 76.77.18.XXX 255.255.255.192
% Incomplete command.


or do you want me to actually use
ip route 0.0.0.0 0.0.0.0
0
 
LVL 6

Accepted Solution

by:
wpharaon earned 300 total points
ID: 33574888
For standard access list, you only provide your source address (without specifiying the protocol)
so it will be:
access-list 1 permit 192.168.1.0.0.0.0.255
the ip route should have the destination, in your case you are giving a default route pointint to that destination, so it has to be:
ip route 0.0.0.0 0.0.0.0 76.77.18.XXX          (The XXX should be replaced by the digit provided by your isp to use as a default gateway)
along the: ip nat inside source list 1 int f0/0 overload
should be a working configuration
0
 
LVL 20

Assisted Solution

by:netcmh
netcmh earned 100 total points
ID: 33576137
ip route 0.0.0.0 0.0.0.0 Fa0/0
0
 

Author Closing Comment

by:encoremdj
ID: 33578520
thanks guys send me your christmas list! ill happily buy ya a beer!
0
 
LVL 20

Expert Comment

by:netcmh
ID: 33578530
Thanks for the grade, bro. I'd like a Notion Ink Adam tablet, please. Oh you said beer, I'll pass.
0
 

Author Comment

by:encoremdj
ID: 33578975
web traffic seems slow any ideas (the solution is working well enough though)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip route 0.0.0.0 0.0.0.0 76.77.18.193
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end
0
 

Author Comment

by:encoremdj
ID: 33579305
nevermind
ip route 0.0.0.0 0.0.0.0 Fa0/0
was causing a loop, removed (no) it works better than fine now thanks again everyone...
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
creating SVI on layer 3 switch 1 74
Monitoring solutions 8 109
Cisco 2911 Router - slow download speeds but very fast upload speeds 5 76
active directory 3 22
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question