Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Unable to Access Internet on Cisco 1861

Posted on 2010-11-16
12
Medium Priority
?
847 Views
Last Modified: 2012-05-10
Hello All Experts,

We have just finishe configuration on Cisco 1861 router, but i am unable to browse Internet even on router can any one suggest me.

where is issue from my configuration
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Melbourne1861
!
boot-start-marker
boot system flash:c1861-advipservicesk9-mz.124-24.T1.bin
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$0LTn$1vf2bZ9T1gvFeE27f4CBt/
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
crypto pki trustpoint TP-self-signed-3141929497
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3141929497
 revocation-check none
 rsakeypair TP-self-signed-3141929497
!
!
crypto pki certificate chain TP-self-signed-3141929497
 certificate self-signed 01
  30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33313431 39323934 3937301E 170D3130 31313137 30363139 
  30305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31343139 
  32393439 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  81009161 905E1931 8CB69238 C04CB714 0E704639 267638DF 310455FE FB7E6162 
  24F4329C A3B3A084 51C8C2B1 D0DB78A4 264A9644 B8676B0E 09D83DA6 95411448 
  E92A7E96 317981BF E24835DF A9E81E41 99D3A34D 536DECCD 408BB1FC 5603BE9B 
  F8EF4AC7 E19F6A3F B15E7651 FC819066 3471722A 78E9629A 3A5C1A2B 41CDD1A4 
  B4790203 010001A3 6D306B30 0F060355 1D130101 FF040530 030101FF 30180603 
  551D1104 11300F82 0D4D656C 626F7572 6E653138 3631301F 0603551D 23041830 
  16801432 EBA72FEF 7657F918 D09B969E E3E5FD16 16D05A30 1D060355 1D0E0416 
  041432EB A72FEF76 57F918D0 9B969EE3 E5FD1616 D05A300D 06092A86 4886F70D 
  01010405 00038181 002B3550 0325259A B7ABC899 A0D81BB6 7EE70A33 7B3CE275 
  51303982 FE767ACC B9E193BC 743A8496 245F4417 48CC08FC A6E7547E 460890C5 
  7AF2B95E B3BE3234 39D9E782 C81C478C A051A56B B8C1F16D 14ECE8BF 01E6AF15 
  5D6E418E F7F549D7 27F0A905 9DC6571D 7E27700F BDE8ED84 7EC20D27 D5476ABB 
  E22CC486 C05C3A80 04
  	quit
dot11 syslog
ip source-route
ip cef
!
!
ip dhcp relay information trust-all
ip dhcp excluded-address 192.168.8.1 192.168.8.10
ip dhcp excluded-address 10.10.10.1 10.10.10.10
!
ip dhcp pool LAN-POOL
   import all
   network 192.168.8.0 255.255.255.0
   default-router 192.168.8.1 
   dns-server 192.168.8.1 
   lease 0 2
!
ip dhcp pool phone
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1 
   option 150 ip 10.10.10.1 
!
!
no ip domain lookup
ip name-server 198.142.0.51
ip name-server 203.2.75.132
ip name-server 211.31.138.11
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
username admin privilege 15 password 7 04760A1E0622404F1E395D44465E
! 
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 10
 encr aes 256
 hash md5
 authentication pre-share
 group 5
 lifetime 28800
!
!
crypto ipsec transform-set LAB-Transform esp-aes 256 esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac 
crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac 
!
crypto ipsec client ezvpn AustraliaVPN
 connect auto
 group EZVPN_GROUP_1 key XXXXXXXXXXXXXX
 mode network-extension
 peer XXXXXXXXXXXXXX
 username XXXXXXXXXXXXXX password XXXXXXXXXXXXXX
 xauth userid mode local
!
archive
 log config
  hidekeys
!
!
ip tftp source-interface Loopback0
bridge irb
!
!
!
!
interface Loopback0
 ip address 10.1.20.2 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 shutdown
!
interface Tunnel2
 no ip address
!
interface FastEthernet0/0
 description outside
 no ip address
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 pppoe enable group global
!
interface FastEthernet0/0.50
 encapsulation dot1Q 1 native
 bridge-group 2
 bridge-group 2 subscriber-loop-control
 bridge-group 2 spanning-disabled
!
interface FastEthernet0/0.100
 encapsulation dot1Q 100
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
!
interface FastEthernet0/1/0
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/1
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/2
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/3
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/4
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/5
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/6
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/7
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/8
 switchport mode trunk
 macro description cisco-switch
!
interface Vlan1
 no ip address
 ip virtual-reassembly
 bridge-group 2
 bridge-group 2 spanning-disabled
!
interface Vlan100
 no ip address
 ip virtual-reassembly
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface Dialer1
 mtu 1492
 ip address negotiated
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp authentication pap callin
 ppp chap refuse
 ppp pap sent-username XXXXXXXXXXXXXX password 7 XXXXXXXXXXXXXX
 crypto ipsec client ezvpn AustraliaVPN
!
interface BVI1
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 crypto ipsec client ezvpn AustraliaVPN inside
!
interface BVI2
 ip address 192.168.8.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 198.142.129.45
ip route 192.168.8.0 255.255.255.0 Dialer1
ip http server
ip http authentication local
ip http secure-server
ip http path flash:
!
!
ip dns server
ip nat inside source list ToNAT interface Dialer1 overload
!
ip access-list extended ToNAT
 permit ip 192.168.8.0 0.0.0.255 any
ip access-list extended acl_vpn
 permit ip 192.168.8.0 0.0.0.255 192.168.2.0 0.0.0.255
 permit ip 192.168.8.0 0.0.0.255 192.168.4.0 0.0.0.255
!
access-list 40 permit 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 remark SDM_ACL Category=4
access-list 100 permit icmp 192.168.2.0 0.0.0.255 any
access-list 100 remark SDM_ACL Category=4
access-list 101 permit icmp 192.168.2.0 0.0.0.255 any
access-list 101 remark IPSec Rule
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 permit ip 192.168.8.0 0.0.1.255 XXXXXXXXXXXXXX 0.0.0.63
access-list 104 remark SDM_ACL Category=4
access-list 104 permit gre host 192.168.8.1 host XXXXXXXXXXXXXX
dialer-list 1 protocol ip permit
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/1/2
!
voice-port 0/1/3
!
voice-port 0/4/0
 auto-cut-through
 signal immediate
 input gain auto-control
 description Music On Hold Port
!
!
mgcp fax t38 ecm
mgcp behavior g729-variants static-pt
!
!
!
dial-peer voice 2000 voip
 description ** cue voicemail pilot number **
 destination-pattern 600
 session protocol sipv2
 session target ipv4:10.1.20.1
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
!
!
!
telephony-service
 max-ephones 12
 max-dn 30
 ip source-address 10.10.10.1 port 2000
 url services http://10.1.20.1/voiceview/common/login.do 
 url authentication http://10.1.20.1/voiceview/authentication/authenticate.do  
 cnf-file location flash:
 user-locale U2 EN
 load 7931 SCCP31.8-2-2SR2S
 time-zone 44
 date-format dd-mm-yy
 voicemail 600
 max-conferences 8 gain -6
 call-forward pattern .T
 call-forward system redirecting-expanded
 moh music-on-hold.au
 web admin system name Cisco secret 5 $1$ADGZ$fFl/4TrRvoFSKwOOzWV7a1
 dn-webedit 
 transfer-system full-consult
 transfer-pattern .T
 transfer-pattern 0.T
 secondary-dialtone 0
 create cnf-files version-stamp Jan 01 2002 00:00:00
!
!
line con 0
 exec-timeout 0 0
 password 7 04760A1E0622404F1E395D44465E
 login
 no modem enable
line aux 0
 password 7 143A13130507262A33086B667646
 login local
line vty 0 4
 password 7 04760A1E0622404F1E395D44465E
 login local
line vty 5 15
 password 7 04760A1E0622404F1E395D44465E
 login local
!
end

Open in new window

0
Comment
Question by:kavinagpur
  • 6
  • 5
12 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34152929
please provide us 'sh ip int brief' sh ip nat trans'
0
 

Author Comment

by:kavinagpur
ID: 34152947
Thanks for your quick reply

Not getting any output for sh ip nat translations
 Melbourne1861#sh ip nat translations

Melbourne1861#
Melbourne1861#sh ip int brief
Interface                  IP-Address      OK? Method Status                Prot
ocol
FastEthernet0/0            unassigned      YES NVRAM  up                    down

FastEthernet0/0.50         unassigned      YES unset  up                    down

FastEthernet0/0.100        unassigned      YES unset  up                    down

FastEthernet0/1/0          unassigned      YES unset  up                    down

FastEthernet0/1/1          unassigned      YES unset  up                    down

FastEthernet0/1/2          unassigned      YES unset  up                    down

FastEthernet0/1/3          unassigned      YES unset  up                    down

FastEthernet0/1/4          unassigned      YES unset  down                  down

FastEthernet0/1/5          unassigned      YES unset  up                    up

FastEthernet0/1/6          unassigned      YES unset  up                    down

Vlan1                      unassigned      YES NVRAM  up                    up

Vlan100                    unassigned      YES NVRAM  up                    up

NVI0                       10.1.20.2       YES unset  up                    up

BVI1                       10.10.10.1      YES NVRAM  up                    up

Virtual-Access1            unassigned      YES unset  up                    up

BVI2                       192.168.8.1     YES NVRAM  up                    up

Dialer1                    unassigned      YES NVRAM  up                    up

Loopback0                  10.1.20.2       YES NVRAM  administratively down down

Tunnel2                    unassigned      YES NVRAM  up                    dow
FastEthernet0/1/7          unassigned      YES unset  up                    down

Open in new window

0
 

Author Comment

by:kavinagpur
ID: 34152952
But now ISP internet cable is unplugged when i entered sh ip nat translations
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34153051
Dialer interface not get ip address drom ISP, so please fix the problem!

the following help you:telnet into the router
conf t
 logg buf deb
 logg bu 8192
 CTRL+Z
ter mon
debb ppp neg
deb pp aut

please provide us the output
0
 
LVL 6

Expert Comment

by:Kris Montgomery
ID: 34153097
"It is possible that the internal devices do not have a default gateway or a more specific route to the destination. Verify that they have a route to the destination in their routing table or the default gateway is set. On a Cisco router you can verify that the default gateway is set by issuing the show ip route command.  This indicates if the gateway of last resort is set. By issuing the show ip route x.x.x.x command, where x.x.x.x is the destination address, you can verify if a route to the specific destination exists in the routing table.
If the default gateway or a route to the destination does exist, then it is possible that the Internet Service Provider is not advertising the appropriate network to the Internet. You must check with your ISP to verify this.
It is also possible that the reason that internal devices cannot access the Internet is due to an Access Control List (ACL) in the router blocking that device. Make sure you review the ACL's configuration in the router and you allow the devices you want to access the Internet."

https://supportforums.cisco.com/docs/DOC-4336

Thanks!

mug
0
 

Author Comment

by:kavinagpur
ID: 34153658
I am unable to understand how to plug Internet cable into 1861, I am doing try to configure from remote location & my partner said the 1861 has a WAN port at the back it doesn't have a built in ADSL modem
as a lot of enterprises use connections other than ADSL,so we need the modem to provide the internet connection to the 1861, in Perth there is a router there which was configured for a straight through connection when the UC520 was installed so the router's wifi, dhcp etc is all inactive
it just acts as a modem I figured I would just get a modem and plug it into the 1861,

I can't suggest him for making connection because it's strange I never see any VOIP router, But I am always trying to configure,

So can anyone point me for making connection, it will be a great if you can provide me any snap

it's so difficult i think
Please point me in right direction

0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 2000 total points
ID: 34153697
you need adsl modem if you get DSL line from ISP
0
 

Author Comment

by:kavinagpur
ID: 34153727
Thanks Ikalmar,

You means i need the modem to provide the internet connection to the 1861
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34153839
if you get adsl line YES
0
 

Author Comment

by:kavinagpur
ID: 34153926
Hello All,

How configure modem for it, i have Linksay's, Netgear also Billion for it,

can you provide me some link or putting it in a straight through mode
I have the same netgear router here in Melbourne, but I can't see any option for straight through on it
the belkin router in Perth had this option

Regards

Vikrant


0
 

Author Comment

by:kavinagpur
ID: 34162266
Hi Ikalmar,

I have done configuration on Linksay's modem, I have configured device in Bridge mode & LLC  encapsulation, but not getting internet through Cisco 1861...

Can you suggest me what should i do now ?
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34298690
do you able to connect via the modem with PC?
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Implementing Avaya's One-X portal is pretty painless, until you want to deploy this to the Android and iPhone clients when these clients are outside of your network. The clients will also work within your local network. Here is our experience and so…
Almost all Internet protocol telephones have built-in switches at the back that allow you to connect your personal computer to one port and use the other port to connect your phone to to a Cisco switch.   Why we need to connect the PC to the pho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question