Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco 3725 Router Config

Posted on 2011-09-26
7
Medium Priority
?
1,995 Views
Last Modified: 2012-05-12
So I decided to purchase a used Cisco 3725 Router and I have a barebone setup on it.  I can ping from the FastEthernet0/0 without a problem but cannot ping from FastEthernet-0/1 at all except to the FastEthernet0/0 port.  Please take a look at this barebone config and tell me what I am missing please.

Using 1128 out of 57336 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname XXXXXXXXXXXXXX
!
boot-start-marker
boot-end-marker
!
enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXX
enable password 7 XXXXXXXXXXXXXXXXXXXXXXXXXXXx
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
no ip routing
!
!
ip dhcp excluded-address 192.168.0.200 192.168.0.254
ip dhcp excluded-address 192.168.0.2 192.168.0.99
!
ip dhcp pool Pius
   dns-server 192.168.0.2 8.8.8.8
   netbios-name-server 192.168.0.2
   default-router 192.168.0.1
!
ip name-server 77.77.76.777
ip name-server 77.77.77.777
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
 ip address 77.77.777.777 255.255.255.240
 ip access-group 10 in
 ip nat outside
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
ip classless
no ip http server
!
access-list 10 permit any
snmp-server community public RO
snmp-server enable traps tty
!
line con 0
line aux 0
line vty 0 4
 password 7 XXXXXXXXXXXXXXXXXXXXXXXX
 login
!
!
end
0
Comment
Question by:eaglerod
  • 3
  • 2
  • 2
7 Comments
 

Expert Comment

by:jon-t
ID: 36615277
I noticed that the following IP addresses are not valid:

ip name-server 77.77.76.777
ip name-server 77.77.77.777
interface FastEthernet0/0
 ip address 77.77.777.777 255.255.255.240

An IPv4 address must be in the range of 0 to 255 in each octet, and usually the first and last address in a subnet cannot be used for a host as they are reserved for the network and broadcast address.

Could you please provide the output of "sh interfaces status" and also the ping command and its output?

Thanks.
0
 

Author Comment

by:eaglerod
ID: 36673964
I know this. I purposely replaced those numbers with the 7's for security purposes. The Cisco router wouldn't of even allowed me to input that if I wanted to.

FastEthernet0/0
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor      77537    5321600       1927     186765
             Route cache          0          0          0          0
                   Total      77537    5321600       1927     186765
FastEthernet0/1
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor      31247    2182260       2313     202054
             Route cache          0          0          0          0
                   Total      31247    2182260       2313     202054

Ping from FastEthernet0/0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 72.30.2.43, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/38/48 ms

Ping Source FastEthernet0/1

Translating "www.yahoo.com"...domain server (77.77.28.16) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 72.30.2.43, timeout is 2 seconds:
Packet sent with a source address of 192.168.0.1
.....
Success rate is 0 percent (0/5)
0
 

Expert Comment

by:jon-t
ID: 36702398
Ah, you're trying to set up the router as a NAT/PAT router, now that that is clear I believe all you will need to do to get it working is to put some statements in to do NAT overload on the router.

There's a few different ways to go about getting overload NAT running, so it's probably just best I point you to a document that shows you the fundamentals of Cisco NAT: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 6

Assisted Solution

by:Sanjeevloke
Sanjeevloke earned 2000 total points
ID: 36708461
u need below


ip access-list extended NAT_LIST
 permit ip 192.168.0.0 0.0.0.255 any

Router(config)#ip nat inside source list NAT_LIST interface f0/0 overload
0
 

Author Comment

by:eaglerod
ID: 36710515
Thank you Sanjeevloke this is exactly what I was looking for but I have ran into another problem now.

I can now ping from the router to yahoo.com from both the f0/0 and the f0/1. I was still not able to get any of my computers to ping past the f0/0 (outside) ip address to the ISP gateway.  So I removed DHCP on the router and moved it to my 2008 R2 Server.  DHCP is working fine but I still can get out.  I can ping the outside IP address but I cant ping the ISP gateway.  The new config file is as follows:

Using 1019 out of 57336 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname PiusRouter
!
boot-start-marker
boot-end-marker
!
enable secret 5 XXXX
enable password 7 XXXX
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
no ip routing
!
!
!
ip name-server XX.XX.28.16
ip name-server XX.XX.29.16
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
 ip address XX.XX.238.132 255.255.255.240
 ip access-group 10 in
 ip nat outside
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
ip nat inside source list NAT_LIST interface FastEthernet0/0 overload
ip classless
no ip http server
!
ip access-list extended NAT_LIST
 permit ip 192.168.0.0 0.0.0.255 any
!
snmp-server community public RO
snmp-server enable traps tty
!
line con 0
line aux 0
line vty 0 4
 password 7 xxxx
 login
!
!
end
0
 
LVL 6

Accepted Solution

by:
Sanjeevloke earned 2000 total points
ID: 36710768
pls put default route on router

ip route 0.0.0.0 0.0.0.0  XX.XX.238.133 name ISP_IP
0
 
LVL 6

Assisted Solution

by:Sanjeevloke
Sanjeevloke earned 2000 total points
ID: 36710782
also i c -- no ip routing

config()# ip routing

then the above default route
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Make the most of your online learning experience.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question