?
Solved

Cisco 1811 - routed subnet behind PPPOE can't reach internet without NAT

Posted on 2013-12-14
6
Medium Priority
?
287 Views
Last Modified: 2015-04-12
Hello,
My ISP recently assigned me a routed subnet - let's call it 206.x.x.104/29 (255.255.255.248). They said that this routed subnet is "behind" the IP that is assigned to me automatically via PPPOE.
When I take one of those usable IPs (like 206.x.x.105), assign it to a VLAN called "206" on the router, and then get my laptop on that VLAN, I can see the router. The router can see me. The router can see the internet. The laptop cannot reach the internet.
I've turned on ip route. I've set the default gateway to use the Dialer1 interface. The PPPoE connects fine, I just can't get the VLAN 206 to see the internet.
Of course, when I enable NAT for the VLAN 206 (set VLAN 206 up for "ip nat inside", and set Dialer1 as "ip nat outside"), the VLAN 206 can see the internet, but nothing on the internet can see VLAN 206 since it's NATed.
Also worth noting: a traceroute from another place on the internet to an IP address in my routed subnet 206.x.x.104/29 never seems to reach my automatically  assigned PPPOE IP. Any good advice out there?1811WorkInProgress.txt
0
Comment
Question by:SPLAT-Tech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 47

Expert Comment

by:Craig Beck
ID: 39719220
Config looks good to me.  Have you tried using:

ip route 0.0.0.0 0.0.0.0 dhcp

instead of...

ip route 0.0.0.0 0.0.0.0 Dialer1

Alternatively, just remove the static default route.  You have the ppp ipcp route default command in the Dialer config so it will inject the route from the PPP session if IPCP negotiation succeeds.
0
 

Author Comment

by:SPLAT-Tech
ID: 39719585
OK - so I hopped into the router and removed the static default route which allowed the router to continue to see the internet (as you said, since the ipcp session comes up), but no internet from laptop still without NAT setup on the router. Also, re-adding the static default route as you suggested, using DHCP instead of Dialer1, gave me the same result.
I'm hoping to get a call from my ISP on Monday to see if this is on their end or not. Thanks craigbeck for the ideas.
My biggest concern: the ISP seems to be saying that the routed subnet is a next-hop after my PPPOE assigned IP, then why do I never see the PPPOE assigned IP in the tracert results? We'll see on Monday...
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 39719683
They probably just set the route profile wrong in RADIUS.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Accepted Solution

by:
SPLAT-Tech earned 0 total points
ID: 40711437
After speaking with the ISP ( i got someone that actually new what they were doing) we found out they had a bad route on their end.  They would not disclose the exact nature of the problem but they did fix it and all is good now.
0
 

Author Closing Comment

by:SPLAT-Tech
ID: 40719447
The problem was actually with the ISP
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 40719476
So why was my answer not selected??

craigbeck 2013-12-15 at 10:01:44  ID: 39719683
They probably just set the route profile wrong in RADIUS.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This program is used to assist in finding and resolving common problems with wireless connections.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question