Solved

Unable to Access Internet on Cisco 1861

Posted on 2010-11-16
12
824 Views
Last Modified: 2012-05-10
Hello All Experts,

We have just finishe configuration on Cisco 1861 router, but i am unable to browse Internet even on router can any one suggest me.

where is issue from my configuration
!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Melbourne1861

!

boot-start-marker

boot system flash:c1861-advipservicesk9-mz.124-24.T1.bin

boot-end-marker

!

logging message-counter syslog

enable secret 5 $1$0LTn$1vf2bZ9T1gvFeE27f4CBt/

!

no aaa new-model

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

!

crypto pki trustpoint TP-self-signed-3141929497

 enrollment selfsigned

 subject-name cn=IOS-Self-Signed-Certificate-3141929497

 revocation-check none

 rsakeypair TP-self-signed-3141929497

!

!

crypto pki certificate chain TP-self-signed-3141929497

 certificate self-signed 01

  30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030 

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 

  69666963 6174652D 33313431 39323934 3937301E 170D3130 31313137 30363139 

  30305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31343139 

  32393439 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 

  81009161 905E1931 8CB69238 C04CB714 0E704639 267638DF 310455FE FB7E6162 

  24F4329C A3B3A084 51C8C2B1 D0DB78A4 264A9644 B8676B0E 09D83DA6 95411448 

  E92A7E96 317981BF E24835DF A9E81E41 99D3A34D 536DECCD 408BB1FC 5603BE9B 

  F8EF4AC7 E19F6A3F B15E7651 FC819066 3471722A 78E9629A 3A5C1A2B 41CDD1A4 

  B4790203 010001A3 6D306B30 0F060355 1D130101 FF040530 030101FF 30180603 

  551D1104 11300F82 0D4D656C 626F7572 6E653138 3631301F 0603551D 23041830 

  16801432 EBA72FEF 7657F918 D09B969E E3E5FD16 16D05A30 1D060355 1D0E0416 

  041432EB A72FEF76 57F918D0 9B969EE3 E5FD1616 D05A300D 06092A86 4886F70D 

  01010405 00038181 002B3550 0325259A B7ABC899 A0D81BB6 7EE70A33 7B3CE275 

  51303982 FE767ACC B9E193BC 743A8496 245F4417 48CC08FC A6E7547E 460890C5 

  7AF2B95E B3BE3234 39D9E782 C81C478C A051A56B B8C1F16D 14ECE8BF 01E6AF15 

  5D6E418E F7F549D7 27F0A905 9DC6571D 7E27700F BDE8ED84 7EC20D27 D5476ABB 

  E22CC486 C05C3A80 04

  	quit

dot11 syslog

ip source-route

ip cef

!

!

ip dhcp relay information trust-all

ip dhcp excluded-address 192.168.8.1 192.168.8.10

ip dhcp excluded-address 10.10.10.1 10.10.10.10

!

ip dhcp pool LAN-POOL

   import all

   network 192.168.8.0 255.255.255.0

   default-router 192.168.8.1 

   dns-server 192.168.8.1 

   lease 0 2

!

ip dhcp pool phone

   import all

   network 10.10.10.0 255.255.255.0

   default-router 10.10.10.1 

   option 150 ip 10.10.10.1 

!

!

no ip domain lookup

ip name-server 198.142.0.51

ip name-server 203.2.75.132

ip name-server 211.31.138.11

no ipv6 cef

!

!

!

!

!

multilink bundle-name authenticated

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

voice-card 0

!

!

!

username admin privilege 15 password 7 04760A1E0622404F1E395D44465E

! 

!

crypto isakmp policy 1

 encr 3des

 authentication pre-share

 group 2

!

crypto isakmp policy 10

 encr aes 256

 hash md5

 authentication pre-share

 group 5

 lifetime 28800

!

!

crypto ipsec transform-set LAB-Transform esp-aes 256 esp-md5-hmac 

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 

crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac 

crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac 

!

crypto ipsec client ezvpn AustraliaVPN

 connect auto

 group EZVPN_GROUP_1 key XXXXXXXXXXXXXX

 mode network-extension

 peer XXXXXXXXXXXXXX

 username XXXXXXXXXXXXXX password XXXXXXXXXXXXXX

 xauth userid mode local

!

archive

 log config

  hidekeys

!

!

ip tftp source-interface Loopback0

bridge irb

!

!

!

!

interface Loopback0

 ip address 10.1.20.2 255.255.255.252

 ip nat inside

 ip virtual-reassembly

 shutdown

!

interface Tunnel2

 no ip address

!

interface FastEthernet0/0

 description outside

 no ip address

 ip nat outside

 ip virtual-reassembly

 duplex auto

 speed auto

 pppoe enable group global

!

interface FastEthernet0/0.50

 encapsulation dot1Q 1 native

 bridge-group 2

 bridge-group 2 subscriber-loop-control

 bridge-group 2 spanning-disabled

!

interface FastEthernet0/0.100

 encapsulation dot1Q 100

 bridge-group 1

 bridge-group 1 subscriber-loop-control

 bridge-group 1 spanning-disabled

!

interface FastEthernet0/1/0

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/1

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/2

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/3

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/4

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/5

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/6

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/7

 switchport voice vlan 100

 macro description cisco-phone

!

interface FastEthernet0/1/8

 switchport mode trunk

 macro description cisco-switch

!

interface Vlan1

 no ip address

 ip virtual-reassembly

 bridge-group 2

 bridge-group 2 spanning-disabled

!

interface Vlan100

 no ip address

 ip virtual-reassembly

 bridge-group 1

 bridge-group 1 spanning-disabled

!

interface Dialer1

 mtu 1492

 ip address negotiated

 ip flow ingress

 ip nat outside

 ip virtual-reassembly

 encapsulation ppp

 ip tcp adjust-mss 1452

 dialer pool 1

 dialer-group 1

 ppp authentication pap callin

 ppp chap refuse

 ppp pap sent-username XXXXXXXXXXXXXX password 7 XXXXXXXXXXXXXX

 crypto ipsec client ezvpn AustraliaVPN

!

interface BVI1

 ip address 10.10.10.1 255.255.255.0

 ip nat inside

 ip virtual-reassembly

 crypto ipsec client ezvpn AustraliaVPN inside

!

interface BVI2

 ip address 192.168.8.1 255.255.255.0

 ip nat inside

 ip virtual-reassembly

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 198.142.129.45

ip route 192.168.8.0 255.255.255.0 Dialer1

ip http server

ip http authentication local

ip http secure-server

ip http path flash:

!

!

ip dns server

ip nat inside source list ToNAT interface Dialer1 overload

!

ip access-list extended ToNAT

 permit ip 192.168.8.0 0.0.0.255 any

ip access-list extended acl_vpn

 permit ip 192.168.8.0 0.0.0.255 192.168.2.0 0.0.0.255

 permit ip 192.168.8.0 0.0.0.255 192.168.4.0 0.0.0.255

!

access-list 40 permit 192.168.2.0 0.0.0.255

access-list 100 permit ip 192.168.1.0 0.0.0.255 any

access-list 100 permit ip 192.168.2.0 0.0.0.255 any

access-list 100 remark SDM_ACL Category=4

access-list 100 permit icmp 192.168.2.0 0.0.0.255 any

access-list 100 remark SDM_ACL Category=4

access-list 101 permit icmp 192.168.2.0 0.0.0.255 any

access-list 101 remark IPSec Rule

access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 103 remark IPSec Rule

access-list 103 permit ip 192.168.8.0 0.0.1.255 XXXXXXXXXXXXXX 0.0.0.63

access-list 104 remark SDM_ACL Category=4

access-list 104 permit gre host 192.168.8.1 host XXXXXXXXXXXXXX

dialer-list 1 protocol ip permit

!

!

!

!

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

bridge 2 protocol ieee

bridge 2 route ip

!

!

voice-port 0/0/0

!

voice-port 0/0/1

!

voice-port 0/0/2

!

voice-port 0/0/3

!

voice-port 0/1/0

!

voice-port 0/1/1

!

voice-port 0/1/2

!

voice-port 0/1/3

!

voice-port 0/4/0

 auto-cut-through

 signal immediate

 input gain auto-control

 description Music On Hold Port

!

!

mgcp fax t38 ecm

mgcp behavior g729-variants static-pt

!

!

!

dial-peer voice 2000 voip

 description ** cue voicemail pilot number **

 destination-pattern 600

 session protocol sipv2

 session target ipv4:10.1.20.1

 dtmf-relay sip-notify

 codec g711ulaw

 no vad

!

!

!

!

telephony-service

 max-ephones 12

 max-dn 30

 ip source-address 10.10.10.1 port 2000

 url services http://10.1.20.1/voiceview/common/login.do 

 url authentication http://10.1.20.1/voiceview/authentication/authenticate.do  

 cnf-file location flash:

 user-locale U2 EN

 load 7931 SCCP31.8-2-2SR2S

 time-zone 44

 date-format dd-mm-yy

 voicemail 600

 max-conferences 8 gain -6

 call-forward pattern .T

 call-forward system redirecting-expanded

 moh music-on-hold.au

 web admin system name Cisco secret 5 $1$ADGZ$fFl/4TrRvoFSKwOOzWV7a1

 dn-webedit 

 transfer-system full-consult

 transfer-pattern .T

 transfer-pattern 0.T

 secondary-dialtone 0

 create cnf-files version-stamp Jan 01 2002 00:00:00

!

!

line con 0

 exec-timeout 0 0

 password 7 04760A1E0622404F1E395D44465E

 login

 no modem enable

line aux 0

 password 7 143A13130507262A33086B667646

 login local

line vty 0 4

 password 7 04760A1E0622404F1E395D44465E

 login local

line vty 5 15

 password 7 04760A1E0622404F1E395D44465E

 login local

!

end

Open in new window

0
Comment
Question by:kavinagpur
  • 6
  • 5
12 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
please provide us 'sh ip int brief' sh ip nat trans'
0
 

Author Comment

by:kavinagpur
Comment Utility
Thanks for your quick reply

Not getting any output for sh ip nat translations
 Melbourne1861#sh ip nat translations

Melbourne1861#
Melbourne1861#sh ip int brief

Interface                  IP-Address      OK? Method Status                Prot

ocol

FastEthernet0/0            unassigned      YES NVRAM  up                    down



FastEthernet0/0.50         unassigned      YES unset  up                    down



FastEthernet0/0.100        unassigned      YES unset  up                    down



FastEthernet0/1/0          unassigned      YES unset  up                    down



FastEthernet0/1/1          unassigned      YES unset  up                    down



FastEthernet0/1/2          unassigned      YES unset  up                    down



FastEthernet0/1/3          unassigned      YES unset  up                    down



FastEthernet0/1/4          unassigned      YES unset  down                  down



FastEthernet0/1/5          unassigned      YES unset  up                    up



FastEthernet0/1/6          unassigned      YES unset  up                    down



Vlan1                      unassigned      YES NVRAM  up                    up



Vlan100                    unassigned      YES NVRAM  up                    up



NVI0                       10.1.20.2       YES unset  up                    up



BVI1                       10.10.10.1      YES NVRAM  up                    up



Virtual-Access1            unassigned      YES unset  up                    up



BVI2                       192.168.8.1     YES NVRAM  up                    up



Dialer1                    unassigned      YES NVRAM  up                    up



Loopback0                  10.1.20.2       YES NVRAM  administratively down down



Tunnel2                    unassigned      YES NVRAM  up                    dow

FastEthernet0/1/7          unassigned      YES unset  up                    down

Open in new window

0
 

Author Comment

by:kavinagpur
Comment Utility
But now ISP internet cable is unplugged when i entered sh ip nat translations
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
Dialer interface not get ip address drom ISP, so please fix the problem!

the following help you:telnet into the router
conf t
 logg buf deb
 logg bu 8192
 CTRL+Z
ter mon
debb ppp neg
deb pp aut

please provide us the output
0
 
LVL 6

Expert Comment

by:Kris Montgomery
Comment Utility
"It is possible that the internal devices do not have a default gateway or a more specific route to the destination. Verify that they have a route to the destination in their routing table or the default gateway is set. On a Cisco router you can verify that the default gateway is set by issuing the show ip route command.  This indicates if the gateway of last resort is set. By issuing the show ip route x.x.x.x command, where x.x.x.x is the destination address, you can verify if a route to the specific destination exists in the routing table.
If the default gateway or a route to the destination does exist, then it is possible that the Internet Service Provider is not advertising the appropriate network to the Internet. You must check with your ISP to verify this.
It is also possible that the reason that internal devices cannot access the Internet is due to an Access Control List (ACL) in the router blocking that device. Make sure you review the ACL's configuration in the router and you allow the devices you want to access the Internet."

https://supportforums.cisco.com/docs/DOC-4336

Thanks!

mug
0
 

Author Comment

by:kavinagpur
Comment Utility
I am unable to understand how to plug Internet cable into 1861, I am doing try to configure from remote location & my partner said the 1861 has a WAN port at the back it doesn't have a built in ADSL modem
as a lot of enterprises use connections other than ADSL,so we need the modem to provide the internet connection to the 1861, in Perth there is a router there which was configured for a straight through connection when the UC520 was installed so the router's wifi, dhcp etc is all inactive
it just acts as a modem I figured I would just get a modem and plug it into the 1861,

I can't suggest him for making connection because it's strange I never see any VOIP router, But I am always trying to configure,

So can anyone point me for making connection, it will be a great if you can provide me any snap

it's so difficult i think
Please point me in right direction

0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 500 total points
Comment Utility
you need adsl modem if you get DSL line from ISP
0
 

Author Comment

by:kavinagpur
Comment Utility
Thanks Ikalmar,

You means i need the modem to provide the internet connection to the 1861
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
if you get adsl line YES
0
 

Author Comment

by:kavinagpur
Comment Utility
Hello All,

How configure modem for it, i have Linksay's, Netgear also Billion for it,

can you provide me some link or putting it in a straight through mode
I have the same netgear router here in Melbourne, but I can't see any option for straight through on it
the belkin router in Perth had this option

Regards

Vikrant


0
 

Author Comment

by:kavinagpur
Comment Utility
Hi Ikalmar,

I have done configuration on Linksay's modem, I have configured device in Bridge mode & LLC  encapsulation, but not getting internet through Cisco 1861...

Can you suggest me what should i do now ?
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
do you able to connect via the modem with PC?
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now