Solved

cisco 2801 router help (what am i doing wrong?)

Posted on 2010-08-31
14
610 Views
Last Modified: 2012-08-13
Title says it all - I believed I had everything working and boss changed up project.

I'm connecting a clear access adsl modem AG-10 to fa0/0 (outside) static IP *bridge mode*,
connecting fa0/1 (inside) to a PC via small switch.

config is:

Currently there is no route to the internet from the inside connection. This is what I'd like to achieve.

Thanks.
Router#sho conf
Using 753 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 76.BBB.CC.DDD 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Comment
Question by:encoremdj
  • 7
  • 3
  • 2
  • +2
14 Comments
 
LVL 14

Expert Comment

by:anoopkmr
ID: 33570196
if u want internet connection from local lan, try like this .

ip route 0.0.0.0 0.0.0.0 <gateway IP, u can get it from ISP>

access-list 101 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 101 int f0/0 overload

0
 
LVL 20

Expert Comment

by:netcmh
ID: 33570234

ip nat inside source list 1 interface fa0/0 overload

then one line access-list with permissions for Your private networ

access-list 1 permit any any

So any host inside can access any host in Internet

access-list 1 permit 192.168.1.0 0.0.0.255
0
 

Author Comment

by:encoremdj
ID: 33572187
I feel like im getting close...
here is a config snippet, no route currently. Adsl connection directly connected to PC is live (after static IP and dns is entered)

fa0/0 (outside)
fa0/1 (inside)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end

Open in new window

0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:encoremdj
ID: 33572226

Router(config)#access-list 1 permit ip 192.168.1.0.0.0.0.255 any
Translating "ip"...domain server (255.255.255.255)

Translating "ip"...domain server (255.255.255.255)

Open in new window

0
 

Expert Comment

by:jspradley
ID: 33573143
Do  you have a dns server configured on your dhcp server options?  How is your client PC getting IP address?  If you are setting the PC IP address manually what are the settings you are using?

You should try the ping command form the router CLI or a Client PC  to IP address 8.8.8.8 that is google's public dns server.
0
 

Author Comment

by:encoremdj
ID: 33573346
"If you are setting the PC IP address manually what are the settings you are using?"
Yes. My DNS is set manually on the client PC with a vlan ip address (manually assigned)

ie. 192.168.1.2 255.255.255.0 - gateway IP is set to 192.168.1.1 (the fe0/1)
Ive set no DNS on the router just a static ip as seen on the code snippet.
Ive set no ip route (i tried anoopkmr's command and it says its incomplete)
"ip route 76.77.18.X 255.255.255.192" 
I'm not able to ping outside, the router's static ip is the only thing reachable (surprisingly at a 255 ms latency)
0
 
LVL 14

Assisted Solution

by:anoopkmr
anoopkmr earned 100 total points
ID: 33573784
u have to add gw also

ip route 0.0.0.0 0.0.0.0 < gw ip>
0
 

Author Comment

by:encoremdj
ID: 33573843
anoopkmr in getting

Router(config)#ip route 76.77.18.XXX 255.255.255.192
% Incomplete command.


or do you want me to actually use
ip route 0.0.0.0 0.0.0.0
0
 
LVL 6

Accepted Solution

by:
wpharaon earned 300 total points
ID: 33574888
For standard access list, you only provide your source address (without specifiying the protocol)
so it will be:
access-list 1 permit 192.168.1.0.0.0.0.255
the ip route should have the destination, in your case you are giving a default route pointint to that destination, so it has to be:
ip route 0.0.0.0 0.0.0.0 76.77.18.XXX          (The XXX should be replaced by the digit provided by your isp to use as a default gateway)
along the: ip nat inside source list 1 int f0/0 overload
should be a working configuration
0
 
LVL 20

Assisted Solution

by:netcmh
netcmh earned 100 total points
ID: 33576137
ip route 0.0.0.0 0.0.0.0 Fa0/0
0
 

Author Closing Comment

by:encoremdj
ID: 33578520
thanks guys send me your christmas list! ill happily buy ya a beer!
0
 
LVL 20

Expert Comment

by:netcmh
ID: 33578530
Thanks for the grade, bro. I'd like a Notion Ink Adam tablet, please. Oh you said beer, I'll pass.
0
 

Author Comment

by:encoremdj
ID: 33578975
web traffic seems slow any ideas (the solution is working well enough though)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip route 0.0.0.0 0.0.0.0 76.77.18.193
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end
0
 

Author Comment

by:encoremdj
ID: 33579305
nevermind
ip route 0.0.0.0 0.0.0.0 Fa0/0
was causing a loop, removed (no) it works better than fine now thanks again everyone...
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port forwarding 14 149
assessment of laptops/desktops for hardware refresh 6 68
ISP Change 14 45
ospf neighbors not coming up 6 24
In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now