Solved

cisco 2801 router help (what am i doing wrong?)

Posted on 2010-08-31
14
607 Views
Last Modified: 2012-08-13
Title says it all - I believed I had everything working and boss changed up project.

I'm connecting a clear access adsl modem AG-10 to fa0/0 (outside) static IP *bridge mode*,
connecting fa0/1 (inside) to a PC via small switch.

config is:

Currently there is no route to the internet from the inside connection. This is what I'd like to achieve.

Thanks.
Router#sho conf

Using 753 out of 196600 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

ip cef

!

!

!

!

!

multilink bundle-name authenticated

!

!

voice-card 0

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

 ip address 76.BBB.CC.DDD 255.255.255.192

 ip nat outside

 ip virtual-reassembly

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 192.168.1.1 255.255.255.0

 ip nat inside

 ip virtual-reassembly

 duplex auto

 speed auto

!

!

!

ip http server

no ip http secure-server

!

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

 login

!

scheduler allocate 20000 1000

end

Open in new window

0
Comment
Question by:encoremdj
  • 7
  • 3
  • 2
  • +2
14 Comments
 
LVL 14

Expert Comment

by:anoopkmr
ID: 33570196
if u want internet connection from local lan, try like this .

ip route 0.0.0.0 0.0.0.0 <gateway IP, u can get it from ISP>

access-list 101 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 101 int f0/0 overload

0
 
LVL 20

Expert Comment

by:netcmh
ID: 33570234

ip nat inside source list 1 interface fa0/0 overload

then one line access-list with permissions for Your private networ

access-list 1 permit any any

So any host inside can access any host in Internet

access-list 1 permit 192.168.1.0 0.0.0.255
0
 

Author Comment

by:encoremdj
ID: 33572187
I feel like im getting close...
here is a config snippet, no route currently. Adsl connection directly connected to PC is live (after static IP and dns is entered)

fa0/0 (outside)
fa0/1 (inside)
!

!

interface FastEthernet0/0

 ip address 76.77.18.201 255.255.255.192

 ip nat outside

 ip virtual-reassembly

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 192.168.1.1 255.255.255.0

 ip nat inside

 ip virtual-reassembly

 duplex auto

 speed auto

!

!

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface FastEthernet0/0 overload

!

access-list 1 permit 192.168.1.0 0.0.0.255

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

 login

!

scheduler allocate 20000 1000

end

Open in new window

0
 

Author Comment

by:encoremdj
ID: 33572226

Router(config)#access-list 1 permit ip 192.168.1.0.0.0.0.255 any

Translating "ip"...domain server (255.255.255.255)



Translating "ip"...domain server (255.255.255.255)

Open in new window

0
 

Expert Comment

by:jspradley
ID: 33573143
Do  you have a dns server configured on your dhcp server options?  How is your client PC getting IP address?  If you are setting the PC IP address manually what are the settings you are using?

You should try the ping command form the router CLI or a Client PC  to IP address 8.8.8.8 that is google's public dns server.
0
 

Author Comment

by:encoremdj
ID: 33573346
"If you are setting the PC IP address manually what are the settings you are using?"
Yes. My DNS is set manually on the client PC with a vlan ip address (manually assigned)

ie. 192.168.1.2 255.255.255.0 - gateway IP is set to 192.168.1.1 (the fe0/1)
Ive set no DNS on the router just a static ip as seen on the code snippet.
Ive set no ip route (i tried anoopkmr's command and it says its incomplete)
"ip route 76.77.18.X 255.255.255.192" 
I'm not able to ping outside, the router's static ip is the only thing reachable (surprisingly at a 255 ms latency)
0
 
LVL 14

Assisted Solution

by:anoopkmr
anoopkmr earned 100 total points
ID: 33573784
u have to add gw also

ip route 0.0.0.0 0.0.0.0 < gw ip>
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:encoremdj
ID: 33573843
anoopkmr in getting

Router(config)#ip route 76.77.18.XXX 255.255.255.192
% Incomplete command.


or do you want me to actually use
ip route 0.0.0.0 0.0.0.0
0
 
LVL 6

Accepted Solution

by:
wpharaon earned 300 total points
ID: 33574888
For standard access list, you only provide your source address (without specifiying the protocol)
so it will be:
access-list 1 permit 192.168.1.0.0.0.0.255
the ip route should have the destination, in your case you are giving a default route pointint to that destination, so it has to be:
ip route 0.0.0.0 0.0.0.0 76.77.18.XXX          (The XXX should be replaced by the digit provided by your isp to use as a default gateway)
along the: ip nat inside source list 1 int f0/0 overload
should be a working configuration
0
 
LVL 20

Assisted Solution

by:netcmh
netcmh earned 100 total points
ID: 33576137
ip route 0.0.0.0 0.0.0.0 Fa0/0
0
 

Author Closing Comment

by:encoremdj
ID: 33578520
thanks guys send me your christmas list! ill happily buy ya a beer!
0
 
LVL 20

Expert Comment

by:netcmh
ID: 33578530
Thanks for the grade, bro. I'd like a Notion Ink Adam tablet, please. Oh you said beer, I'll pass.
0
 

Author Comment

by:encoremdj
ID: 33578975
web traffic seems slow any ideas (the solution is working well enough though)
!
!
interface FastEthernet0/0
 ip address 76.77.18.201 255.255.255.192
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
ip route 0.0.0.0 0.0.0.0 76.77.18.193
!
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
scheduler allocate 20000 1000
end
0
 

Author Comment

by:encoremdj
ID: 33579305
nevermind
ip route 0.0.0.0 0.0.0.0 Fa0/0
was causing a loop, removed (no) it works better than fine now thanks again everyone...
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now