Solved

Cisco 1941 router configuration

Posted on 2013-11-14
10
1,110 Views
Last Modified: 2013-11-21
I'm installing a Cisco router and need a little configuration help. On the network is a workstation with IP address 192.168.1.210 and a gateway of 192.168.1.253. The Cisco 1941 has a LAN address of 192.168.1.253 and a WAN address  of 12.12.216.194 with a gateway of 12.12.216.193. From the Cisco I can ping an address on the internet. From the workstation, I cannot ping or access the internet. From the workstation, I can ping 12.12.216.194.

Can anyone tell me what I need to change in the confguration so that the workstation can access the internet?

Below is the running configuration:

Mascot#show running-config
Building configuration...

Current configuration : 1888 bytes
!
! Last configuration change at 20:25:31 UTC Fri Nov 8 2013
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Mascot
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$LlO.$5J1QbjvZc5F4hj4eAsAUB0
enable password 4Mascot8
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
ip cef
!
!
!
!
!
!
ip domain name Mascot
ip name-server 12.127.16.67
ip name-server 12.127.16.68
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1941W-A/K9 sn FTX172686LD
hw-module ism 0
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address 12.12.216.194 255.255.255.248
 duplex auto
 speed auto
!
interface wlan-ap0
 description Service module interface to manage the embedded AP
 no ip address
 arp timeout 0
 no mop enabled
 no mop sysid
!
interface GigabitEthernet0/1
 ip address 192.168.1.253 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 duplex full
 speed 100
!
interface Wlan-GigabitEthernet0/0
 description Internal switch interface connecting to the embedded AP
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 12.12.216.193
!
dialer-list 1 protocol ip permit
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line 67
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
 password 4Mascotis8
 login
 transport input all
!
scheduler allocate 20000 1000
!
end
0
Comment
Question by:cwconley
  • 4
  • 4
  • 2
10 Comments
 
LVL 45

Accepted Solution

by:
Craig Beck earned 400 total points
Comment Utility
You need to configure a few things for NAT...

interface GigabitEthernet0/0
 ip nat outside
!
interface GigabitEthernet0/1
 ip nat inside
!
ip access-list extended NAT
 permit ip 192.168.1.0 0.0.0.255 any
!
ip nat inside source static list NAT interface GigabitEthernet0/0 overload

Open in new window

0
 

Author Comment

by:cwconley
Comment Utility
Thanks for the help.

When I enter the last line I get an error. Any ideas?


Mascot(config)#ip nat inside source static list NAT interface G0/0 overload
                                                                   ^
% Invalid input detected at '^' marker.


The marker is under the "l" in list.
0
 
LVL 12

Expert Comment

by:Infamus
Comment Utility
Try without "static".
0
 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
^^^ +1 :-)

ip nat inside source list NAT interface G0/0 overload
0
 

Author Comment

by:cwconley
Comment Utility
When I type that line in I loose connection to the router and I have to power cycle it to get it back. Still no internet connectivity from the workstation,

Here is my config after I made the other changes:



Mascot#show running-config
Building configuration...

Current configuration : 1998 bytes
!
! Last configuration change at 17:09:57 UTC Thu Nov 21 2013
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Mascot
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$LlO.$5J1QbjvZc5F4hj4eAsAUB0
enable password 4Mascot8
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
ip cef
!
!
!
!
!
!
ip domain name Mascot
ip name-server 12.127.16.67
ip name-server 12.127.16.68
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1941W-A/K9 sn FTX172686LD
hw-module ism 0
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address 12.12.216.194 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface wlan-ap0
 description Service module interface to manage the embedded AP
 no ip address
 arp timeout 0
 no mop enabled
 no mop sysid
!
interface GigabitEthernet0/1
 ip address 192.168.1.253 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 duplex full
 speed 100
!
interface Wlan-GigabitEthernet0/0
 description Internal switch interface connecting to the embedded AP
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 12.12.216.193
!
ip access-list extended NAT
 permit ip 192.168.1.0 0.0.0.255 any
!
dialer-list 1 protocol ip permit
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line 67
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
 password 4Mascotis8
 login
 transport input all
!
scheduler allocate 20000 1000
!
end

Mascot#
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 12

Expert Comment

by:Infamus
Comment Utility
interface GigabitEthernet0/1
 ip address 192.168.1.253 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 duplex full
 speed 100

ip nat inside    <-------
0
 
LVL 12

Expert Comment

by:Infamus
Comment Utility
By the way, I'm just assisting you with the solution Craigbeck provided.
0
 

Author Comment

by:cwconley
Comment Utility
OK. I fixed the error. But I still can't access the internet from the workstation. I can ping the internet from within the router.

Below is the running-config:


Mascot#sh running-config
Building configuration...

Current configuration : 1997 bytes
!
! Last configuration change at 19:33:16 UTC Thu Nov 21 2013
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Mascot
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$LlO.$5J1QbjvZc5F4hj4eAsAUB0
enable password 4Mascot8
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
ip cef
!
!
!
!
!
!
ip domain name Mascot
ip name-server 12.127.16.67
ip name-server 12.127.16.68
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1941W-A/K9 sn FTX172686LD
hw-module ism 0
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address 12.12.216.194 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface wlan-ap0
 description Service module interface to manage the embedded AP
 no ip address
 arp timeout 0
 no mop enabled
 no mop sysid
!
interface GigabitEthernet0/1
 ip address 192.168.1.253 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
 duplex full
 speed 100
!
interface Wlan-GigabitEthernet0/0
 description Internal switch interface connecting to the embedded AP
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 12.12.216.193
!
ip access-list extended NAT
 permit ip 192.168.1.0 0.0.0.255 any
!
dialer-list 1 protocol ip permit
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line 67
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
 password 4Mascotis8
 login
 transport input all
!
scheduler allocate 20000 1000
!
end
0
 
LVL 12

Assisted Solution

by:Infamus
Infamus earned 100 total points
Comment Utility
I don't see this command:

ip nat inside source list NAT interface G0/0 overload
0
 

Author Closing Comment

by:cwconley
Comment Utility
That did the trick.

Thanks for the assist.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now