asked on

Unable to Access Internet on Cisco 1861

Hello All Experts,

We have just finishe configuration on Cisco 1861 router, but i am unable to browse Internet even on router can any one suggest me.

where is issue from my configuration

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Melbourne1861
!
boot-start-marker
boot system flash:c1861-advipservicesk9-mz.124-24.T1.bin
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$0LTn$1vf2bZ9T1gvFeE27f4CBt/
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
crypto pki trustpoint TP-self-signed-3141929497
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3141929497
 revocation-check none
 rsakeypair TP-self-signed-3141929497
!
!
crypto pki certificate chain TP-self-signed-3141929497
 certificate self-signed 01
  30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33313431 39323934 3937301E 170D3130 31313137 30363139 
  30305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31343139 
  32393439 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  81009161 905E1931 8CB69238 C04CB714 0E704639 267638DF 310455FE FB7E6162 
  24F4329C A3B3A084 51C8C2B1 D0DB78A4 264A9644 B8676B0E 09D83DA6 95411448 
  E92A7E96 317981BF E24835DF A9E81E41 99D3A34D 536DECCD 408BB1FC 5603BE9B 
  F8EF4AC7 E19F6A3F B15E7651 FC819066 3471722A 78E9629A 3A5C1A2B 41CDD1A4 
  B4790203 010001A3 6D306B30 0F060355 1D130101 FF040530 030101FF 30180603 
  551D1104 11300F82 0D4D656C 626F7572 6E653138 3631301F 0603551D 23041830 
  16801432 EBA72FEF 7657F918 D09B969E E3E5FD16 16D05A30 1D060355 1D0E0416 
  041432EB A72FEF76 57F918D0 9B969EE3 E5FD1616 D05A300D 06092A86 4886F70D 
  01010405 00038181 002B3550 0325259A B7ABC899 A0D81BB6 7EE70A33 7B3CE275 
  51303982 FE767ACC B9E193BC 743A8496 245F4417 48CC08FC A6E7547E 460890C5 
  7AF2B95E B3BE3234 39D9E782 C81C478C A051A56B B8C1F16D 14ECE8BF 01E6AF15 
  5D6E418E F7F549D7 27F0A905 9DC6571D 7E27700F BDE8ED84 7EC20D27 D5476ABB 
  E22CC486 C05C3A80 04
  	quit
dot11 syslog
ip source-route
ip cef
!
!
ip dhcp relay information trust-all
ip dhcp excluded-address 192.168.8.1 192.168.8.10
ip dhcp excluded-address 10.10.10.1 10.10.10.10
!
ip dhcp pool LAN-POOL
   import all
   network 192.168.8.0 255.255.255.0
   default-router 192.168.8.1 
   dns-server 192.168.8.1 
   lease 0 2
!
ip dhcp pool phone
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1 
   option 150 ip 10.10.10.1 
!
!
no ip domain lookup
ip name-server 198.142.0.51
ip name-server 203.2.75.132
ip name-server 211.31.138.11
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
username admin privilege 15 password 7 04760A1E0622404F1E395D44465E
! 
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 10
 encr aes 256
 hash md5
 authentication pre-share
 group 5
 lifetime 28800
!
!
crypto ipsec transform-set LAB-Transform esp-aes 256 esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac 
crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac 
!
crypto ipsec client ezvpn AustraliaVPN
 connect auto
 group EZVPN_GROUP_1 key XXXXXXXXXXXXXX
 mode network-extension
 peer XXXXXXXXXXXXXX
 username XXXXXXXXXXXXXX password XXXXXXXXXXXXXX
 xauth userid mode local
!
archive
 log config
  hidekeys
!
!
ip tftp source-interface Loopback0
bridge irb
!
!
!
!
interface Loopback0
 ip address 10.1.20.2 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 shutdown
!
interface Tunnel2
 no ip address
!
interface FastEthernet0/0
 description outside
 no ip address
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 pppoe enable group global
!
interface FastEthernet0/0.50
 encapsulation dot1Q 1 native
 bridge-group 2
 bridge-group 2 subscriber-loop-control
 bridge-group 2 spanning-disabled
!
interface FastEthernet0/0.100
 encapsulation dot1Q 100
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
!
interface FastEthernet0/1/0
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/1
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/2
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/3
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/4
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/5
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/6
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/7
 switchport voice vlan 100
 macro description cisco-phone
!
interface FastEthernet0/1/8
 switchport mode trunk
 macro description cisco-switch
!
interface Vlan1
 no ip address
 ip virtual-reassembly
 bridge-group 2
 bridge-group 2 spanning-disabled
!
interface Vlan100
 no ip address
 ip virtual-reassembly
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface Dialer1
 mtu 1492
 ip address negotiated
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp authentication pap callin
 ppp chap refuse
 ppp pap sent-username XXXXXXXXXXXXXX password 7 XXXXXXXXXXXXXX
 crypto ipsec client ezvpn AustraliaVPN
!
interface BVI1
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 crypto ipsec client ezvpn AustraliaVPN inside
!
interface BVI2
 ip address 192.168.8.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 198.142.129.45
ip route 192.168.8.0 255.255.255.0 Dialer1
ip http server
ip http authentication local
ip http secure-server
ip http path flash:
!
!
ip dns server
ip nat inside source list ToNAT interface Dialer1 overload
!
ip access-list extended ToNAT
 permit ip 192.168.8.0 0.0.0.255 any
ip access-list extended acl_vpn
 permit ip 192.168.8.0 0.0.0.255 192.168.2.0 0.0.0.255
 permit ip 192.168.8.0 0.0.0.255 192.168.4.0 0.0.0.255
!
access-list 40 permit 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 remark SDM_ACL Category=4
access-list 100 permit icmp 192.168.2.0 0.0.0.255 any
access-list 100 remark SDM_ACL Category=4
access-list 101 permit icmp 192.168.2.0 0.0.0.255 any
access-list 101 remark IPSec Rule
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 103 remark IPSec Rule
access-list 103 permit ip 192.168.8.0 0.0.1.255 XXXXXXXXXXXXXX 0.0.0.63
access-list 104 remark SDM_ACL Category=4
access-list 104 permit gre host 192.168.8.1 host XXXXXXXXXXXXXX
dialer-list 1 protocol ip permit
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/1/2
!
voice-port 0/1/3
!
voice-port 0/4/0
 auto-cut-through
 signal immediate
 input gain auto-control
 description Music On Hold Port
!
!
mgcp fax t38 ecm
mgcp behavior g729-variants static-pt
!
!
!
dial-peer voice 2000 voip
 description ** cue voicemail pilot number **
 destination-pattern 600
 session protocol sipv2
 session target ipv4:10.1.20.1
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
!
!
!
telephony-service
 max-ephones 12
 max-dn 30
 ip source-address 10.10.10.1 port 2000
 url services http://10.1.20.1/voiceview/common/login.do 
 url authentication http://10.1.20.1/voiceview/authentication/authenticate.do  
 cnf-file location flash:
 user-locale U2 EN
 load 7931 SCCP31.8-2-2SR2S
 time-zone 44
 date-format dd-mm-yy
 voicemail 600
 max-conferences 8 gain -6
 call-forward pattern .T
 call-forward system redirecting-expanded
 moh music-on-hold.au
 web admin system name Cisco secret 5 $1$ADGZ$fFl/4TrRvoFSKwOOzWV7a1
 dn-webedit 
 transfer-system full-consult
 transfer-pattern .T
 transfer-pattern 0.T
 secondary-dialtone 0
 create cnf-files version-stamp Jan 01 2002 00:00:00
!
!
line con 0
 exec-timeout 0 0
 password 7 04760A1E0622404F1E395D44465E
 login
 no modem enable
line aux 0
 password 7 143A13130507262A33086B667646
 login local
line vty 0 4
 password 7 04760A1E0622404F1E395D44465E
 login local
line vty 5 15
 password 7 04760A1E0622404F1E395D44465E
 login local
!
end

Open in new window

Istvan Kalmar

please provide us 'sh ip int brief' sh ip nat trans'

kavinagpur

ASKER

Thanks for your quick reply

Not getting any output for sh ip nat translations
Melbourne1861#sh ip nat translations

Melbourne1861#

Melbourne1861#sh ip int brief
Interface                  IP-Address      OK? Method Status                Prot
ocol
FastEthernet0/0            unassigned      YES NVRAM  up                    down

FastEthernet0/0.50         unassigned      YES unset  up                    down

FastEthernet0/0.100        unassigned      YES unset  up                    down

FastEthernet0/1/0          unassigned      YES unset  up                    down

FastEthernet0/1/1          unassigned      YES unset  up                    down

FastEthernet0/1/2          unassigned      YES unset  up                    down

FastEthernet0/1/3          unassigned      YES unset  up                    down

FastEthernet0/1/4          unassigned      YES unset  down                  down

FastEthernet0/1/5          unassigned      YES unset  up                    up

FastEthernet0/1/6          unassigned      YES unset  up                    down

Vlan1                      unassigned      YES NVRAM  up                    up

Vlan100                    unassigned      YES NVRAM  up                    up

NVI0                       10.1.20.2       YES unset  up                    up

BVI1                       10.10.10.1      YES NVRAM  up                    up

Virtual-Access1            unassigned      YES unset  up                    up

BVI2                       192.168.8.1     YES NVRAM  up                    up

Dialer1                    unassigned      YES NVRAM  up                    up

Loopback0                  10.1.20.2       YES NVRAM  administratively down down

Tunnel2                    unassigned      YES NVRAM  up                    dow
FastEthernet0/1/7          unassigned      YES unset  up                    down

Open in new window

kavinagpur

ASKER

But now ISP internet cable is unplugged when i entered sh ip nat translations

Istvan Kalmar

Dialer interface not get ip address drom ISP, so please fix the problem!

the following help you:telnet into the router
conf t
logg buf deb
logg bu 8192
CTRL+Z
ter mon
debb ppp neg
deb pp aut

please provide us the output

Kris Montgomery

"It is possible that the internal devices do not have a default gateway or a more specific route to the destination. Verify that they have a route to the destination in their routing table or the default gateway is set. On a Cisco router you can verify that the default gateway is set by issuing the show ip route command. This indicates if the gateway of last resort is set. By issuing the show ip route x.x.x.x command, where x.x.x.x is the destination address, you can verify if a route to the specific destination exists in the routing table.
If the default gateway or a route to the destination does exist, then it is possible that the Internet Service Provider is not advertising the appropriate network to the Internet. You must check with your ISP to verify this.
It is also possible that the reason that internal devices cannot access the Internet is due to an Access Control List (ACL) in the router blocking that device. Make sure you review the ACL's configuration in the router and you allow the devices you want to access the Internet."

https://supportforums.cisco.com/docs/DOC-4336

Thanks!

mug

kavinagpur

ASKER

I am unable to understand how to plug Internet cable into 1861, I am doing try to configure from remote location & my partner said the 1861 has a WAN port at the back it doesn't have a built in ADSL modem
as a lot of enterprises use connections other than ADSL,so we need the modem to provide the internet connection to the 1861, in Perth there is a router there which was configured for a straight through connection when the UC520 was installed so the router's wifi, dhcp etc is all inactive
it just acts as a modem I figured I would just get a modem and plug it into the 1861,

I can't suggest him for making connection because it's strange I never see any VOIP router, But I am always trying to configure,

So can anyone point me for making connection, it will be a great if you can provide me any snap

it's so difficult i think
Please point me in right direction

ASKER CERTIFIED SOLUTION

Istvan Kalmar

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

kavinagpur

ASKER

Thanks Ikalmar,

You means i need the modem to provide the internet connection to the 1861

Istvan Kalmar

if you get adsl line YES

kavinagpur

ASKER

Hello All,

How configure modem for it, i have Linksay's, Netgear also Billion for it,

can you provide me some link or putting it in a straight through mode
I have the same netgear router here in Melbourne, but I can't see any option for straight through on it
the belkin router in Perth had this option

Regards

Vikrant

kavinagpur

ASKER

Hi Ikalmar,

I have done configuration on Linksay's modem, I have configured device in Bridge mode & LLC encapsulation, but not getting internet through Cisco 1861...

Can you suggest me what should i do now ?

Istvan Kalmar

do you able to connect via the modem with PC?