Solved

Routing Internet on Cisco 1921 Router

Posted on 2014-02-25
4
926 Views
Last Modified: 2014-03-01
I have a motorola dsl modem that I have attached to a cisco 1941 router on gig 0/0.
I have an IP stack that is attached to the account.  
On that interface gig 0/0 I have put one of the public IP addresses.
On gig 0/1 I have the ip of 192.168.0.1/24

On the router I can ping the internet from the gig 0/0 interface but not from gig 0/1.  I am guessing I need to set up a NAT or can a cisco router not route internet traffic on 2 gig interfaces?  

Any help would be greatly appreciated!
0
Comment
Question by:DaveKall42
  • 3
4 Comments
 

Author Comment

by:DaveKall42
ID: 39887527
I have been messing with the NATing but still not working.

Here is a copy of the config of the 1941:

Current configuration : 3186 bytes
!
! Last configuration change at 00:15:34 UTC Wed Feb 26 2014 by eqcadmin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname elem_rt_1941
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
ip cef
!
!
!
!
!
!
ip domain name yourdomain.com
no ipv6 cef
multilink bundle-name authenticated
!
!
crypto pki trustpoint TP-self-signed-3321111813
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3321111813
 revocation-check none
 rsakeypair TP-self-signed-3321111813
!
!
crypto pki certificate chain TP-self-signed-3321111813
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33333231 31313138 3133301E 170D3133 30373032 30353234
  31365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33323131
  31313831 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100AD3F 17012D38 C651DE34 987B2553 162F326A 85293B3B E822A9A9 AC9E2895
  1FA76839 230F2178 AAFF66C0 4E79B007 E2D10CCD 0639C8D1 87EEDA83 58AC947B
  A49CDB76 D301B5BB 04E8E47F 9D247BF4 378AE0B3 4C3807D2 B8A7F0FD 78B47765
  B45D5B14 8F012978 29F9A606 4D275611 90B2B1CC 1976DA18 BAD9146E 4A6D8DEF
  47110203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 1434719E FE17A360 A85434E1 67CDC699 209F0DBC 04301D06
  03551D0E 04160414 34719EFE 17A360A8 5434E167 CDC69920 9F0DBC04 300D0609
  2A864886 F70D0101 05050003 81810051 FC2C39B7 5E41F303 7683AC78 60709180
  7FB024C5 4C17E65C F2CDD068 FA0F22E3 4B6A7D71 597EB782 5CC7E67E 6D3BF57F
  E8FDE7E4 495A76DE D1E42B09 9BD52FF9 905EAD5F BEB29134 F0D23E54 D438A082
  FBB59087 7FD81638 B0524E3C 691FF824 EE2C4415 3C080398 821F8AF4 04A2C048
  D0B7D3A4 35C6D3C7 7066F5B3 4A687B
        quit
license udi pid CISCO1941/K9 sn FTX1727816M
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 description UNTRUSTED
 ip address 70.56.xxx.xxx 255.255.xxx.xxx
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 description TRUSTED
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat source list 1 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 70.56.215.62
!
access-list 1 permit any
!
!
!
control-plane
!
!
!
line con 0
 login local
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
0
 
LVL 11

Accepted Solution

by:
Miftaul earned 500 total points
ID: 39887645
You need to define the access list correctly. It needs to define the sources specifically

Access-list 1 permit  192.168.0.1 0.0.0.255

Also change the NAT configuration like below

Ip nat inside source list 1 interface Gi0/0 overload
0
 

Author Comment

by:DaveKall42
ID: 39887708
Ok, thanks!  I will give it a try tomorrow.
0
 

Author Closing Comment

by:DaveKall42
ID: 39897855
That worked! Thanks!
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now