Solved

How to setup dyndns on my cisco 887VA Router

Posted on 2014-01-29
55
1,011 Views
Last Modified: 2014-02-16
Hi,

I am looking to see if and how I go about setting up a dns on my router so that it will send my  IP address changes to my dyndns,org server address as I keep on getting locked out when I work away from home and I would like a means of updating this automatically.
0
Comment
Question by:cannonz
  • 29
  • 26
55 Comments
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Check here:
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/811-cisco-router-ddns.html

Now if you have a Free Dyndns.org account, you still will have to log into he site and reconfirm your dns host every thirty days now.

Alternatively, instead of the router config, you can just install the dyndns client too on an internal computer that you leave on all of the time. If you don't leave it on all of he time, then this option is null.
0
 

Author Comment

by:cannonz
Comment Utility
I have added all the information from link above but my router still doesn't seem to update automatically I still find having to manually do it. ?
Any ideas will it be easier to post my config incase I have missed something with my username/password blanked out.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
sure post it up. Second pair of eyes always help.
0
 

Author Comment

by:cannonz
Comment Utility
no aaa new-model
!
memory-size iomem 10
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3233774123
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3233774123
 revocation-check none
 rsakeypair TP-self-signed-3233774123
!
!
crypto pki certificate chain TP-self-signed-3233774123
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33323333 37373431 3233301E 170D3133 30393137 31333338
  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32333337
  37343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100B254 C04208D2 ABF68D18 5B77C54E 7AE24FE2 6493A65E 3D67BDFA AC05CAAD
  2209BE2E DC621CE2 5682517E 3CA06F61 0C0FC713 2C0F84D8 FEBBF5CC 81A6EF17
  B768E110 C5FC6FB2 2750875C 7203BC16 39335314 CCF32034 5E042C2C 15F03FF1
  1BDF97A0 DBA757F9 42783E39 6AF59906 ACA416B4 3EC1E4D5 C935799B 9167D1FC
  AB850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 1403A635 385A6809 603E2C4A FF6F439B 6995E393 A2301D06
  03551D0E 04160414 03A63538 5A680960 3E2C4AFF 6F439B69 95E393A2 300D0609
  2A864886 F70D0101 05050003 81810073 3157A85E 120A5B1D 6C25453C 0DFB0F82
  9156EFF7 64E1A26B 4675C488 EF291E25 6C6C25CB 8CA95AB1 1FF6C2EB C12636D7
  50E2B83C A87225B3 87AC7CE1 679B1801 49E4B859 4BED67E2 6783EFB6 A50CC616
  C32228AD 625331FD 85361CEC 11E196E9 26D9638E 98D3235A 9D425AE8 1F06FEE0
  D332ED58 E0504C61 03F8939E 1EEF55
        quit
ip source-route
!
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
 import all
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
 domain-name cannonz.dyndns.org
 dns-server 208.67.220.220
 lease 4
!
ip dhcp pool VLAN20
 import all
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1
 domain-name cannonz.dyndns.org
 lease 4
!
!
ip cef
ip name-server 208.67.222.222
ip name-server 208.67.220.220
ip name-server 4.2.2.6
ip name-server 4.2.2.5
ip inspect name MYFW tcp
ip inspect name MYFW udp
ip ddns update method dyndns
 HTTP
  add http://xxxx:xxxx@members.dyndns.org/nic/update?system=dyndns&hostname=cannonz.dyndns.org
 interval maximum 1 0 0 0
!
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn FCZ160592RB
!
!
username sysop privilege 15 password 7 08254E455D4C5D14
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
interface Ethernet0
 no ip address
 shutdown
 no fair-queue
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
 switchport access vlan 20
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet3
 no ip address
!
interface Vlan1
 no ip address
!
interface Vlan10
 description Internal Network
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan20
 description Guest Network
 ip address 192.168.2.1 255.255.255.0
!
interface Dialer0
 ip ddns update hostname cannonz.dyndns.org
 ip ddns update dyndns
 ip address negotiated
 ip access-group Internet-inbound-ACL in
 ip nat outside
 ip inspect MYFW out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer idle-timeout 0
 dialer persistent
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname bthomehub@btbroadband.com
 ppp chap password 0 bthomehub@btbroadband.com
 ppp ipcp dns request
 ppp ipcp address accept
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.2 80 interface Dialer0 80
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.3.0 255.255.255.0 192.168.1.2
!
ip access-list extended Guest-ACL
 deny   ip any 192.168.1.0 0.0.0.255
 permit ip any any
ip access-list extended Internet-inbound-ACL
 permit udp any eq bootps any eq bootpc
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit gre any any
 permit esp any any
 permit tcp any any
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
!
!
!
!
!
control-plane
!
!
line con 0
 password 7 09484C024D504F11
line aux 0
line vty 0 4
 password 7 070B23471A5C4106
 login
 transport input all
!
end
0
 

Author Comment

by:cannonz
Comment Utility
Can anyone see where or If have gone wrong as to why my dns server update isn't updating. ?
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Try this format:

http://user:password@members.dyndns.org/nic/update?system=dyndns&hostname=&myip=

If that doesn't work, try this format:

http://username:password@members.dyndns.org/nic/update?system=dyndns&hostname=&myip=

Don't enter your fqdn in these commands. Leave them as is.
0
 

Author Comment

by:cannonz
Comment Utility
Sorry you have lost me with the fqdn what does that mean. ?

Example :-

http://test123@abc123.dyndns.org/nic/update?system=dyndns&hostname=&myip=

Is this what you mean just my username and password ??
0
 

Author Comment

by:cannonz
Comment Utility
Ok,

I have given up on dyndns and tried out no-ip instead because you can ping/update it more often apparently.

Here's what I'm getting in my log just now:-

------------------------------------------------
Translating "dynupdate.no-ip.com"...domain server (208.67.222.222)
Feb 11 17:55:03.528: DYNDNSUPD: Adding DNS mapping for cannonz32.no-ip.biz <=> 86.156.12.249
Feb 11 17:55:03.528: HTTPDNS: Update add called for cannonz32.no-ip.biz <=> 86.156.12.249
Feb 11 17:55:03.528: HTTPDNSUPD: Session ID = 0x27
Feb 11 17:55:03.528: HTTPDNSUPD: URL = 'http://myemail@address.com:mypassword@dynupdate.no-ip.com/nic/upda  te?hostname=cannonz32.no-ip.biz&myip=86.156.12.249'
Feb 11 17:55:03.528: HTTPDNSUPD: Sending request (208.67.220.220) (194.72.9.38) (194.74.65.69) (4.2  .2.6) (4.2.2.5)
... status='Host name resolution failed', tid=0
-------------------------------------------------

Any ideas what's wrong it does appear to have a valid ip address but doesn't seem to update when I check.?
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Yes leave them as is.
0
 

Author Comment

by:cannonz
Comment Utility
what and it will resolve itself eventually...?
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Make sure your command look like this:

http://username:password@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>

Can you attach your current config now?
0
 

Author Comment

by:cannonz
Comment Utility
Ok here goes its a bit screwed up now as i seem to have both dyndns & no-ip set in my current config now as i tried both but when i log into dyndns.org acccount my ip address has updated but it doesn't in my no-ip web logon.

--------------------------------------------------------
!
! Last configuration change at 19:25:10 UTC Tue Feb 11 2014
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot config flash:usbflash0
boot-end-marker
!
!
!
no aaa new-model
!
memory-size iomem 10
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3233774123
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3233774123
 revocation-check none
 rsakeypair TP-self-signed-3233774123
!
!
crypto pki certificate chain TP-self-signed-3233774123
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33323333 37373431 3233301E 170D3133 30393137 31333338
  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32333337
  37343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100B254 C04208D2 ABF68D18 5B77C54E 7AE24FE2 6493A65E 3D67BDFA AC05CAAD
  2209BE2E DC621CE2 5682517E 3CA06F61 0C0FC713 2C0F84D8 FEBBF5CC 81A6EF17
  B768E110 C5FC6FB2 2750875C 7203BC16 39335314 CCF32034 5E042C2C 15F03FF1
  1BDF97A0 DBA757F9 42783E39 6AF59906 ACA416B4 3EC1E4D5 C935799B 9167D1FC
  AB850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 1403A635 385A6809 603E2C4A FF6F439B 6995E393 A2301D06
  03551D0E 04160414 03A63538 5A680960 3E2C4AFF 6F439B69 95E393A2 300D0609
  2A864886 F70D0101 05050003 81810073 3157A85E 120A5B1D 6C25453C 0DFB0F82
  9156EFF7 64E1A26B 4675C488 EF291E25 6C6C25CB 8CA95AB1 1FF6C2EB C12636D7
  50E2B83C A87225B3 87AC7CE1 679B1801 49E4B859 4BED67E2 6783EFB6 A50CC616
  C32228AD 625331FD 85361CEC 11E196E9 26D9638E 98D3235A 9D425AE8 1F06FEE0
  D332ED58 E0504C61 03F8939E 1EEF55
        quit
ip source-route
!
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
 import all
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
 domain-name cannonz.dyndns.org
 dns-server 208.67.220.220
 lease 4
!
ip dhcp pool VLAN20
 import all
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1
 domain-name cannonz.dyndns.org
 lease 4
!
!
ip cef
ip name-server 208.67.222.222
ip name-server 208.67.220.220
ip name-server 4.2.2.6
ip name-server 4.2.2.5
ip inspect name MYFW tcp
ip inspect name MYFW udp
ip ddns update method dyndns
 HTTP
  add http://xxxxx:xxxxx@members.dyndns.org/nic/update?system=dyndns&amp;hostname=&amp;myip=
 interval maximum 1 0 0 0
!
ip ddns update method no-ip
 HTTP
  add http://xxxxx@no-ip.biz:xxxxx@dynupdate.no-ip.com/nic/update?hostname=<h>&myip=<a>
 interval maximum 0 0 5 0
!
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn FCZ160592RB
!
!
username sysop privilege 15 password 7 08254E455D4C5D14
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
interface Ethernet0
 no ip address
 shutdown
 no fair-queue
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
 switchport access vlan 20
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet3
 no ip address
!
interface Vlan1
 no ip address
!
interface Vlan10
 description Internal Network
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan20
 description Guest Network
 ip address 192.168.2.1 255.255.255.0
!
interface Dialer0
 ip ddns update hostname cannonz.no-ip.biz
 ip ddns update dyndns
 ip ddns update no-ip
 ip address negotiated
 ip access-group Internet-inbound-ACL in
 ip nat outside
 ip inspect MYFW out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer idle-timeout 0
 dialer persistent
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname bthomehub@btbroadband.com
 ppp chap password 0 bthomehub@btbroadband.com
 ppp ipcp dns request
 ppp ipcp address accept
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.2 80 interface Dialer0 80
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.3.0 255.255.255.0 192.168.1.2
!
ip access-list extended Guest-ACL
 deny   ip any 192.168.1.0 0.0.0.255
 permit ip any any
ip access-list extended Internet-inbound-ACL
 permit udp any eq bootps any eq bootpc
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit gre any any
 permit esp any any
 permit tcp any any
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
!
!
!
!
!
control-plane
!
!
line con 0
 password 7 09484C024D504F11
line aux 0
line vty 0 4
 password 7 070B23471A5C4106
 login
 transport input all
!
end
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Where is your ip domain lookup command? Maybe I am overlooking it.
0
 

Author Comment

by:cannonz
Comment Utility
I have doubled checked myself and don't see anything relating to ip domain lookup in the config either, Is this the problem if so how do I go about adding it.?
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
conf t

ip domain lookup
0
 

Author Comment

by:cannonz
Comment Utility
I tried adding that then done a sh run command but it's still not showing up in the config
here is a copy of what response I get when it tries to update I have xxxx'd out my logon details :-

------------------------------------
Router(config)#
Router(config)#ip domain lookup
Router(config)#^Z
Router#
Feb 11 20:21:52.684: %SYS-5-CONFIG_I: Configured from console by console
Router#
Router#
Translating "dynupdate.no-ip.com"...domain server (208.67.222.222)
Feb 11 20:22:40.156: DYNDNSUPD: Adding DNS mapping for cannonz32.no-ip.biz      <=> 86.156.12.249
Feb 11 20:22:40.156: HTTPDNS: Update add called for cannonz32.no-ip.biz <=>      86.156.12.249
Feb 11 20:22:40.156: HTTPDNSUPD: Session ID = 0x40
Feb 11 20:22:40.156: HTTPDNSUPD: URL = 'http://xxxxx@xxxx:xxxx23@dynu     pdate.no-ip.com/nic/update?hostname=cannonz32.no-ip.biz&myip=86.156.12.249'
Feb 11 20:22:40.156: HTTPDNSUPD: Sending request (208.67.220.220) (194.72.9.38) (194.74.65.69) (4.2.2.6) (4.2.2.5)
... status='Host name resolution failed', tid=0

---------------------------------------------------------
Sorry i can't be more helpful but I'm not fully up to speed with cisco cli and still only at the basics.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Are you able to ping url's from the router?  ping google.com  ?

I am thinking you just can't force the update, but it till update based on the interval you set up.

Also try reloading the router and see what happens.
0
 

Author Comment

by:cannonz
Comment Utility
issued a wri mem and reload command and tried to ping google results are below:-

Router>ping google.com
Translating "google.com"...domain server (208.67.222.222) (208.67.220.220) (194.72.9.38) (194.74.65.69) (4.2.2.6) (4.2.2.5)
% Unrecognized host or address, or protocol not running.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Ok this may be what's missing

conf t
Ip dns server
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Scratch that I see it in your config.
Can you try using just onname server like 4.2.2.2
0
 

Author Comment

by:cannonz
Comment Utility
Sorry i don't understand what you mean with try using onname server like 4.2.2.2  ?
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Lol, sorry, typo. I meant instead of having the 4 or 5 names servers in your config can you start with using just one.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
I found another reference that states to add this command also

remove http://username:passsword@dynupdate.no-ip.com/nic/update?hostname=<h>&myip=<a>

Even still I think we are having a dns lookup issue. You should be able to ping by url from your router
0
 

Author Comment

by:cannonz
Comment Utility
Ok how do I remove the 4 or5 name servers I know it's something like a no command in front of the command is this right.?
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Yes, that is correct.

conf t
no ip name-server 208.67.222.222
no ip name-server 208.67.220.220
no ip name-server 4.2.2.6
no ip name-server 4.2.2.5

then

ip name server 8.8.8.8
ip name server 8.8.4.4
0
 

Author Comment

by:cannonz
Comment Utility
ok I have got rid of name-servers you listed and added the new ones then done a cntl Z then sh run and it appears to have saved that information.

tried to remove the http://username:passsword@dynupdate.no-ip.com/nic/update?hostname=<h>&myip=<a>

with a no command but it didn't like that any suggestions ?
0
 

Author Comment

by:cannonz
Comment Utility
removed dsl line for 30secs then plugged back in this is what I got when dsl came back up:-

--------------------------------

Feb 12 19:12:14.706: %CONTROLLER-5-UPDOWN: Controller VDSL 0, changed state to up
Feb 12 19:12:19.930: %LINK-3-UPDOWN: Interface ATM0, changed state to up
Feb 12 19:12:20.930: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0, changed state to up
Feb 12 19:12:25.370: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
Feb 12 19:12:25.370: %DIALER-6-BIND: Interface Vi2 bound to profile Di0
Feb 12 19:12:25.818: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up
Translating "members.dyndns.org"...domain server (194.72.9.38) (194.74.65.69) (8.8.8.8) (8.8.4.4)

Translating "dynupdate.no-ip.com"...domain server (194.72.9.38) (194.74.65.69) (8.8.8.8) (8.8.4.4)
-----------------------------------------------
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 26

Expert Comment

by:Soulja
Comment Utility
0
 

Author Comment

by:cannonz
Comment Utility
strange one after removing the name servers my PPP authentication light dropped out and all I had was the CD one.
After not saving and doing a reload it was back on again, I take it that it didn't like that option.?
0
 

Author Comment

by:cannonz
Comment Utility
After messing around I kind of messed up my config so I reloaded a working one from flashdrive and added my dyndns only not the no-ip one.
below is the config.
-----------------------------------------------
no aaa new-model
!
memory-size iomem 10
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3233774123
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3233774123
 revocation-check none
 rsakeypair TP-self-signed-3233774123
!
!
crypto pki certificate chain TP-self-signed-3233774123
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33323333 37373431 3233301E 170D3133 30393137 31333338
  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32333337
  37343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100B254 C04208D2 ABF68D18 5B77C54E 7AE24FE2 6493A65E 3D67BDFA AC05CAAD
  2209BE2E DC621CE2 5682517E 3CA06F61 0C0FC713 2C0F84D8 FEBBF5CC 81A6EF17
  B768E110 C5FC6FB2 2750875C 7203BC16 39335314 CCF32034 5E042C2C 15F03FF1
  1BDF97A0 DBA757F9 42783E39 6AF59906 ACA416B4 3EC1E4D5 C935799B 9167D1FC
  AB850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 1403A635 385A6809 603E2C4A FF6F439B 6995E393 A2301D06
  03551D0E 04160414 03A63538 5A680960 3E2C4AFF 6F439B69 95E393A2 300D0609
  2A864886 F70D0101 05050003 81810073 3157A85E 120A5B1D 6C25453C 0DFB0F82
  9156EFF7 64E1A26B 4675C488 EF291E25 6C6C25CB 8CA95AB1 1FF6C2EB C12636D7
  50E2B83C A87225B3 87AC7CE1 679B1801 49E4B859 4BED67E2 6783EFB6 A50CC616
  C32228AD 625331FD 85361CEC 11E196E9 26D9638E 98D3235A 9D425AE8 1F06FEE0
  D332ED58 E0504C61 03F8939E 1EEF55
        quit
ip source-route
!
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
 import all
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
 domain-name cannonz.dyndns.org
 dns-server 208.67.220.220
 lease 4
!
ip dhcp pool VLAN20
 import all
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1
 domain-name cannonz.dyndns.org
 lease 4
!
!
ip cef
ip name-server 208.67.222.222
ip name-server 208.67.220.220
ip name-server 4.2.2.6
ip name-server 4.2.2.5
ip inspect name MYFW tcp
ip inspect name MYFW udp
ip ddns update method dyndns
 HTTP
  add http://cannonz:alissa23@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
 interval maximum 0 3 0 0
!
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn FCZ160592RB
!
!
username sysop privilege 15 password 7 08254E455D4C5D14
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
interface Ethernet0
 no ip address
 shutdown
 no fair-queue
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
 switchport access vlan 20
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet3
 no ip address
!
interface Vlan1
 no ip address
!
interface Vlan10
 description Internal Network
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan20
 description Guest Network
 ip address 192.168.2.1 255.255.255.0
!
interface Dialer0
 ip ddns update hostname cannonz.dyndns.org
 ip ddns update dyndns
 ip address negotiated
 ip access-group Internet-inbound-ACL in
 ip nat outside
 ip inspect MYFW out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer idle-timeout 0
 dialer persistent
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname bthomehub@btbroadband.com
 ppp chap password 0 bthomehub@btbroadband.com
 ppp ipcp dns request
 ppp ipcp address accept
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.140 80 interface Dialer0 80
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended Guest-ACL
 deny   ip any 192.168.1.0 0.0.0.255
 permit ip any any
ip access-list extended Internet-inbound-ACL
 permit udp any eq bootps any eq bootpc
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit gre any any
 permit esp any any
 permit tcp any any
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
!
!
!
!
!
control-plane
!
!
line con 0
 password 7 09484C024D504F11
line aux 0
line vty 0 4
 password 7 070B23471A5C4106
 login
 transport input all
!
end
-------------------------------------------------------
Still can't ping google response below:-
-------------------------------------------------------
Router#ping google.com
Translating "google.com"...domain server (208.67.222.222) (208.67.220.220) (194.72.9.38) (194.74.65.69) (4.2.2.6) (4.2.2.5)
% Unrecognized host or address, or protocol not running.
-------------------------------------------------------
0
 

Author Comment

by:cannonz
Comment Utility
Do you have anything else we could try as I'm at a loose end as I don't want to have to leave a PC running to update the DNS..?
0
 

Author Comment

by:cannonz
Comment Utility
We appear to have hit a brick wall can anyone else shed some light on this subject.???
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
The problem seem to know be the ddns config but the name resolution on that router. It isn't resolving to the name servers configured. Your configs look correct though.

Can you ping your configured dns servers?
0
 

Author Comment

by:cannonz
Comment Utility
Yes It would appear so..

-------------------
Router#ping 208.67.222.222
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 208.67.222.222, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/24/24 ms
Router#ping 208.67.220.220
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 208.67.220.220, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/40 ms
Router#ping 4.2.2.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/25/28 ms
Router#ping 4.2.2.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/24/28 ms
Router#
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Can you also add

ip domain lookup source-interface Dialer 0


It looks like you added all of your old name servers too, remove them and add the google name servers 8.8.8.8 and 8.8.4.4
0
 

Author Comment

by:cannonz
Comment Utility
Done that and and still couldn't ping google.com.
 
-----------------------------------
ip cef
ip domain lookup source-interface Dialer0
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip inspect name MYFW tcp
ip inspect name MYFW udp
ip ddns update method dyndns
-----------------------------------
Router#ping google.com
Translating "google.com"...domain server (194.72.9.38) (194.74.65.69) (8.8.8.8) (8.8.4.4)
% Unrecognized host or address, or protocol not running.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
This is weird. I have dns configured on my router and can ping google without issue.

What are the 192.72.x.x dns servers. Can you remove those?
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
If you just type  

google.com  at the command prompt what happens?
0
 

Author Comment

by:cannonz
Comment Utility
Router#google.com
Translating "google.com"...domain server (194.72.9.38) (194.74.65.69) (8.8.8.8) (8.8.4.4)

% Bad IP address or host name
% Unknown command or computer name, or unable to find computer address

I can't see those ip addresses anywhere in my running-config on my router could they be getting bounced over from ASA5505 firewall..??
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Here is my output:

snitrtr01#ping google.com

Translating "google.com"...domain server (75.75.76.76) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.194.46.96, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/22/28 ms
snitrtr01#


Here is my output if I disable ip domain lookup:

snitrtr01#ping google.com

Translating "google.com"
% Unrecognized host or address, or protocol not running.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Based on my output, I would say you dns lookup is disabled.

Do this again:

conf t
ip domain-lookup
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
I don't think you ever mentions the ASA firewall. Is it allowing dns through from your router?
0
 

Author Comment

by:cannonz
Comment Utility
From a dos/command prompt I can ping any name on the internet but can't from the router but surely this wouldn't effect the router as all routing come through the router before it goes to the firewall ?
I have disconnected the firewall and connected directly to the router but still getting the same response so I suppose that rules out the firewall and confirms it's a router issue.
0
 

Author Comment

by:cannonz
Comment Utility
Should I repost again and see if anyone else can shed any light on it as we seem to be hitting our heads against a wall.?
I can't figure out why I can't ping any name on the internet from the router but can from my pc.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Did you do the ip domain lookup command?

Also, what dns ip is your pc using?
0
 

Author Comment

by:cannonz
Comment Utility
yes but still same response
0
 

Author Comment

by:cannonz
Comment Utility
I can't see where it's getting these 194.xx.xx.xx address from I have looked through the whole config and can't see this address anywhere.?

----------------------------------------
Router#ping google.com
Translating "google.com"...domain server (8.8.8.8) (8.8.4.4) (194.72.9.38) (194.74.65.69)
% Unrecognized host or address, or protocol not running.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
What dns is your computer using?
0
 

Author Comment

by:cannonz
Comment Utility
when I do an ip config in command prompt the dns server is: 208.67.220.220 but this is what's listed in VLAN10 on the router config.
default gateway is: 192.168.1.1 in ipconfig.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
can you configure that name server on your router? Use that one only and see what you get
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
Next option is we can do a  join.me session so I see your screen.
0
 

Author Comment

by:cannonz
Comment Utility
configure that name server to what.?

if it's easier I am quite happy for you to do a remote login if that's what you mean.
0
 

Author Comment

by:cannonz
Comment Utility
Hi soulja,

Sorry I never heard back from you are you off the weekend.?
0
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
Comment Utility
Hey check my profile for my email and we can setup a join.me session.
0
 

Author Closing Comment

by:cannonz
Comment Utility
Excellent job, thanks again for your help.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now