kavinagpur
asked on
Unable to Access Internet on Cisco 1861
Hello All Experts,
We have just finishe configuration on Cisco 1861 router, but i am unable to browse Internet even on router can any one suggest me.
where is issue from my configuration
We have just finishe configuration on Cisco 1861 router, but i am unable to browse Internet even on router can any one suggest me.
where is issue from my configuration
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Melbourne1861
!
boot-start-marker
boot system flash:c1861-advipservicesk9-mz.124-24.T1.bin
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$0LTn$1vf2bZ9T1gvFeE27f4CBt/
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
crypto pki trustpoint TP-self-signed-3141929497
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3141929497
revocation-check none
rsakeypair TP-self-signed-3141929497
!
!
crypto pki certificate chain TP-self-signed-3141929497
certificate self-signed 01
30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33313431 39323934 3937301E 170D3130 31313137 30363139
30305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31343139
32393439 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009161 905E1931 8CB69238 C04CB714 0E704639 267638DF 310455FE FB7E6162
24F4329C A3B3A084 51C8C2B1 D0DB78A4 264A9644 B8676B0E 09D83DA6 95411448
E92A7E96 317981BF E24835DF A9E81E41 99D3A34D 536DECCD 408BB1FC 5603BE9B
F8EF4AC7 E19F6A3F B15E7651 FC819066 3471722A 78E9629A 3A5C1A2B 41CDD1A4
B4790203 010001A3 6D306B30 0F060355 1D130101 FF040530 030101FF 30180603
551D1104 11300F82 0D4D656C 626F7572 6E653138 3631301F 0603551D 23041830
16801432 EBA72FEF 7657F918 D09B969E E3E5FD16 16D05A30 1D060355 1D0E0416
041432EB A72FEF76 57F918D0 9B969EE3 E5FD1616 D05A300D 06092A86 4886F70D
01010405 00038181 002B3550 0325259A B7ABC899 A0D81BB6 7EE70A33 7B3CE275
51303982 FE767ACC B9E193BC 743A8496 245F4417 48CC08FC A6E7547E 460890C5
7AF2B95E B3BE3234 39D9E782 C81C478C A051A56B B8C1F16D 14ECE8BF 01E6AF15
5D6E418E F7F549D7 27F0A905 9DC6571D 7E27700F BDE8ED84 7EC20D27 D5476ABB
E22CC486 C05C3A80 04
quit
dot11 syslog
ip source-route
ip cef
!
!
ip dhcp relay information trust-all
ip dhcp excluded-address 192.168.8.1 192.168.8.10
ip dhcp excluded-address 10.10.10.1 10.10.10.10
!
ip dhcp pool LAN-POOL
import all
network 192.168.8.0 255.255.255.0
default-router 192.168.8.1
dns-server 192.168.8.1
lease 0 2
!
ip dhcp pool phone
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
option 150 ip 10.10.10.1
!
!
no ip domain lookup
ip name-server 198.142.0.51
ip name-server 203.2.75.132
ip name-server 211.31.138.11
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
username admin privilege 15 password 7 04760A1E0622404F1E395D44465E
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 10
encr aes 256
hash md5
authentication pre-share
group 5
lifetime 28800
!
!
crypto ipsec transform-set LAB-Transform esp-aes 256 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac
!
crypto ipsec client ezvpn AustraliaVPN
connect auto
group EZVPN_GROUP_1 key XXXXXXXXXXXXXX
mode network-extension
peer XXXXXXXXXXXXXX
username XXXXXXXXXXXXXX password XXXXXXXXXXXXXX
xauth userid mode local
!
archive
log config
hidekeys
!
!
ip tftp source-interface Loopback0
bridge irb
!
!
!
!
interface Loopback0
ip address 10.1.20.2 255.255.255.252
ip nat inside
ip virtual-reassembly
shutdown
!
interface Tunnel2
no ip address
!
interface FastEthernet0/0
description outside
no ip address
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
pppoe enable group global
!
interface FastEthernet0/0.50
encapsulation dot1Q 1 native
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 spanning-disabled
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
!
interface FastEthernet0/1/0
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/1
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/2
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/3
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/4
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/5
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/6
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/7
switchport voice vlan 100
macro description cisco-phone
!
interface FastEthernet0/1/8
switchport mode trunk
macro description cisco-switch
!
interface Vlan1
no ip address
ip virtual-reassembly
bridge-group 2
bridge-group 2 spanning-disabled
!
interface Vlan100
no ip address
ip virtual-reassembly
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Dialer1
mtu 1492
ip address negotiated
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp chap refuse
ppp pap sent-username XXXXXXXXXXXXXX password 7 XXXXXXXXXXXXXX
crypto ipsec client ezvpn AustraliaVPN
!
interface BVI1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
crypto ipsec client ezvpn AustraliaVPN inside
!
interface BVI2
ip address 192.168.8.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 198.142.129.45
ip route 192.168.8.0 255.255.255.0 Dialer1
ip http server
ip http authentication local
ip http secure-server
ip http path flash:
!
!
ip dns server
ip nat inside source list ToNAT interface Dialer1 overload
!
ip access-list extended ToNAT
permit ip 192.168.8.0 0.0.0.255 any
ip access-list extended acl_vpn
permit ip 192.168.8.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip 192.168.8.0 0.0.0.255 192.168.4.0 0.0.0.255
!
access-list 40 permit 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 remark SDM_ACL Category=4
access-list 100 permit icmp 192.168.2.0 0.0.0.255 any
access-list 100 remark SDM_ACL Category=4
access-list 101 permit icmp 192.168.2.0 0.0.0.255 any
access-list 101 remark IPSec Rule
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 permit ip 192.168.8.0 0.0.1.255 XXXXXXXXXXXXXX 0.0.0.63
access-list 104 remark SDM_ACL Category=4
access-list 104 permit gre host 192.168.8.1 host XXXXXXXXXXXXXX
dialer-list 1 protocol ip permit
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/1/2
!
voice-port 0/1/3
!
voice-port 0/4/0
auto-cut-through
signal immediate
input gain auto-control
description Music On Hold Port
!
!
mgcp fax t38 ecm
mgcp behavior g729-variants static-pt
!
!
!
dial-peer voice 2000 voip
description ** cue voicemail pilot number **
destination-pattern 600
session protocol sipv2
session target ipv4:10.1.20.1
dtmf-relay sip-notify
codec g711ulaw
no vad
!
!
!
!
telephony-service
max-ephones 12
max-dn 30
ip source-address 10.10.10.1 port 2000
url services http://10.1.20.1/voiceview/common/login.do
url authentication http://10.1.20.1/voiceview/authentication/authenticate.do
cnf-file location flash:
user-locale U2 EN
load 7931 SCCP31.8-2-2SR2S
time-zone 44
date-format dd-mm-yy
voicemail 600
max-conferences 8 gain -6
call-forward pattern .T
call-forward system redirecting-expanded
moh music-on-hold.au
web admin system name Cisco secret 5 $1$ADGZ$fFl/4TrRvoFSKwOOzWV7a1
dn-webedit
transfer-system full-consult
transfer-pattern .T
transfer-pattern 0.T
secondary-dialtone 0
create cnf-files version-stamp Jan 01 2002 00:00:00
!
!
line con 0
exec-timeout 0 0
password 7 04760A1E0622404F1E395D44465E
login
no modem enable
line aux 0
password 7 143A13130507262A33086B667646
login local
line vty 0 4
password 7 04760A1E0622404F1E395D44465E
login local
line vty 5 15
password 7 04760A1E0622404F1E395D44465E
login local
!
end
please provide us 'sh ip int brief' sh ip nat trans'
ASKER
Thanks for your quick reply
Not getting any output for sh ip nat translations
Melbourne1861#sh ip nat translations
Melbourne1861#
Not getting any output for sh ip nat translations
Melbourne1861#sh ip nat translations
Melbourne1861#
Melbourne1861#sh ip int brief
Interface IP-Address OK? Method Status Prot
ocol
FastEthernet0/0 unassigned YES NVRAM up down
FastEthernet0/0.50 unassigned YES unset up down
FastEthernet0/0.100 unassigned YES unset up down
FastEthernet0/1/0 unassigned YES unset up down
FastEthernet0/1/1 unassigned YES unset up down
FastEthernet0/1/2 unassigned YES unset up down
FastEthernet0/1/3 unassigned YES unset up down
FastEthernet0/1/4 unassigned YES unset down down
FastEthernet0/1/5 unassigned YES unset up up
FastEthernet0/1/6 unassigned YES unset up down
Vlan1 unassigned YES NVRAM up up
Vlan100 unassigned YES NVRAM up up
NVI0 10.1.20.2 YES unset up up
BVI1 10.10.10.1 YES NVRAM up up
Virtual-Access1 unassigned YES unset up up
BVI2 192.168.8.1 YES NVRAM up up
Dialer1 unassigned YES NVRAM up up
Loopback0 10.1.20.2 YES NVRAM administratively down down
Tunnel2 unassigned YES NVRAM up dow
FastEthernet0/1/7 unassigned YES unset up down
ASKER
But now ISP internet cable is unplugged when i entered sh ip nat translations
Dialer interface not get ip address drom ISP, so please fix the problem!
the following help you:telnet into the router
conf t
logg buf deb
logg bu 8192
CTRL+Z
ter mon
debb ppp neg
deb pp aut
please provide us the output
the following help you:telnet into the router
conf t
logg buf deb
logg bu 8192
CTRL+Z
ter mon
debb ppp neg
deb pp aut
please provide us the output
"It is possible that the internal devices do not have a default gateway or a more specific route to the destination. Verify that they have a route to the destination in their routing table or the default gateway is set. On a Cisco router you can verify that the default gateway is set by issuing the show ip route command. This indicates if the gateway of last resort is set. By issuing the show ip route x.x.x.x command, where x.x.x.x is the destination address, you can verify if a route to the specific destination exists in the routing table.
If the default gateway or a route to the destination does exist, then it is possible that the Internet Service Provider is not advertising the appropriate network to the Internet. You must check with your ISP to verify this.
It is also possible that the reason that internal devices cannot access the Internet is due to an Access Control List (ACL) in the router blocking that device. Make sure you review the ACL's configuration in the router and you allow the devices you want to access the Internet."
https://supportforums.cisco.com/docs/DOC-4336
Thanks!
mug
If the default gateway or a route to the destination does exist, then it is possible that the Internet Service Provider is not advertising the appropriate network to the Internet. You must check with your ISP to verify this.
It is also possible that the reason that internal devices cannot access the Internet is due to an Access Control List (ACL) in the router blocking that device. Make sure you review the ACL's configuration in the router and you allow the devices you want to access the Internet."
https://supportforums.cisco.com/docs/DOC-4336
Thanks!
mug
ASKER
I am unable to understand how to plug Internet cable into 1861, I am doing try to configure from remote location & my partner said the 1861 has a WAN port at the back it doesn't have a built in ADSL modem
as a lot of enterprises use connections other than ADSL,so we need the modem to provide the internet connection to the 1861, in Perth there is a router there which was configured for a straight through connection when the UC520 was installed so the router's wifi, dhcp etc is all inactive
it just acts as a modem I figured I would just get a modem and plug it into the 1861,
I can't suggest him for making connection because it's strange I never see any VOIP router, But I am always trying to configure,
So can anyone point me for making connection, it will be a great if you can provide me any snap
it's so difficult i think
Please point me in right direction
as a lot of enterprises use connections other than ADSL,so we need the modem to provide the internet connection to the 1861, in Perth there is a router there which was configured for a straight through connection when the UC520 was installed so the router's wifi, dhcp etc is all inactive
it just acts as a modem I figured I would just get a modem and plug it into the 1861,
I can't suggest him for making connection because it's strange I never see any VOIP router, But I am always trying to configure,
So can anyone point me for making connection, it will be a great if you can provide me any snap
it's so difficult i think
Please point me in right direction
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Thanks Ikalmar,
You means i need the modem to provide the internet connection to the 1861
You means i need the modem to provide the internet connection to the 1861
if you get adsl line YES
ASKER
Hello All,
How configure modem for it, i have Linksay's, Netgear also Billion for it,
can you provide me some link or putting it in a straight through mode
I have the same netgear router here in Melbourne, but I can't see any option for straight through on it
the belkin router in Perth had this option
Regards
Vikrant
How configure modem for it, i have Linksay's, Netgear also Billion for it,
can you provide me some link or putting it in a straight through mode
I have the same netgear router here in Melbourne, but I can't see any option for straight through on it
the belkin router in Perth had this option
Regards
Vikrant
ASKER
Hi Ikalmar,
I have done configuration on Linksay's modem, I have configured device in Bridge mode & LLC encapsulation, but not getting internet through Cisco 1861...
Can you suggest me what should i do now ?
I have done configuration on Linksay's modem, I have configured device in Bridge mode & LLC encapsulation, but not getting internet through Cisco 1861...
Can you suggest me what should i do now ?
do you able to connect via the modem with PC?