Solved

Cisco 2900 series router - home setup - can't get to the internet

Posted on 2016-08-25
10
37 Views
Last Modified: 2016-09-02
I have a CIsco 2900 series router.  To start off, I have this set up in my lab at the office and I am able to access the internet, works fine. When I bring it home however, it will not allow me to connect to the internet.  I can ping my ISP's IP address (gi0/0) that I was assigned via DHCP, that is it though.  I have a cable modem, goes to an 8 port CIsco switch, then I have an ASUS router in access point mode.  I have tried to plug a laptop right into the switch to bypass the wireless.  That didn't work.  I have gone through documentation and I think it is set up properly.  Obviously I am missing something.  My first thought was the access list but if it functions properly at my work, then I don't think it could be there.

Below is a show run config...

Cisco2900#show run
Building configuration...


Current configuration : 1984 bytes
!
! Last configuration change at 14:12:34 UTC Thu Aug 25 2016 by admin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco2900
!
boot-start-marker
boot-end-marker
!
!
! card type command needed for slot/vwic-slot 0/0
enable secret 4 IZDofN3ddRqinND7VTvzvvhWZi8Y94l8qIZp1/pdUHY
!
no aaa new-model
!
!
no ipv6 cef
ip auth-proxy max-login-attempts 5
ip admission max-login-attempts 5
!
!
!
ip dhcp excluded-address 192.168.99.1 192.168.99.100
!
ip dhcp pool internal
 import all
 network 192.168.99.0 255.255.255.0
 default-router 192.168.99.2
 dns-server 4.2.2.2
!
!
ip cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
license udi pid CISCO2911/K9 sn FTX1726ANBJ
hw-module pvdm 0/0
!
!
!
username admin password 0 **********
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 ip address 192.168.99.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 101 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
!
access-list 101 permit ip 192.168.99.0 0.0.0.255 any
!
!
!
control-plane
!
!
voice-port 0/3/0
!
voice-port 0/3/1
!
voice-port 0/3/2
!
voice-port 0/3/3
 !
 !
 !
!
!
!
mgcp profile default
!
!
!
!
!
gatekeeper
 shutdown
!
!
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 password **********
 login local
 transport input all
!
scheduler allocate 20000 1000
!
end

Cisco2900#
0
Comment
Question by:Greg Franklin
  • 5
  • 3
  • 2
10 Comments
 
LVL 18

Expert Comment

by:Akinsd
ID: 41770488
What address is assigned to G0/0
Also, most ISP modems cache the mac address of devices they plug to, try flushing out the mac adress by resetting that modem.
0
 

Author Comment

by:Greg Franklin
ID: 41770510
Hi, thanks for the reply.  I did reset the modem, should have mentioned that.  That did not work.  I have assigned gi0/0 to pick up an IP Address from my ISP.  The command below was entered...

interface GigabitEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
0
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 41770719
Are interfaces up, did WAN get IP address from ISP?
What is output from:

# sh ip interf brief
# sh ip route

does ping to 8.8.8.8 is working from router itself, extended ping from Gi0/1
ping 8.8.8.8

and extended ping

ping
Protocol [ip]:
Target IP address: 8.8.8.8
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 192.168.99.2
*
*
*

than you can check also nat translation
# sh ip nat translat
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 41770736
Yes, I meant what IP did the ISP assign to int G0/0
The default route is pointed to the int G0/0 which technically eliminates route issue, unless it's not working.
The NAT translations worked before you location change.

This means the main focus is on the IP address that was dynamically assigned to int gi0/0. My guess is, it's not getting an IP or could be getting a private IP.
0
 

Author Comment

by:Greg Franklin
ID: 41770746
Hi yes the WAN did get an IP from the ISP.  I could not ping the Google DNS servers, I could ping the WAN IP and the internal subnet.  I will try provide the output later tonight when I get home.  Thank you!
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:Greg Franklin
ID: 41771642
Hi, here is the info requested.

Router#show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
Embedded-Service-Engine0/0 unassigned      YES NVRAM  administratively down down    
GigabitEthernet0/0         72.38.0.138     YES DHCP   up                    up      
GigabitEthernet0/1         192.168.99.2    YES NVRAM  down                  down    
GigabitEthernet0/2         unassigned      YES NVRAM  administratively down down    
NVI0                       unassigned      YES unset  administratively down down    


Router#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)



Router#show ip route br   
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S*    0.0.0.0/0 is directly connected, GigabitEthernet0/0
      24.0.0.0/32 is subnetted, 1 subnets
S        24.226.22.75 [254/0] via 72.38.0.129, GigabitEthernet0/0
      72.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        72.38.0.128/25 is directly connected, GigabitEthernet0/0
L        72.38.0.138/32 is directly connected, GigabitEthernet0/0




I tried to to an extended ping to 8.8.8.8 from gi0/0 but it didn't like that too much.

Router#ping
Protocol [ip]:
Target IP address: 8.8.8.8
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 192.168.99.2
% Invalid source. Must use same-VRF IP address or full interface name without spaces (e.g. Serial0/1)
Source address or interface: gi0/0
% Invalid source. Must use same-VRF IP address or full interface name without spaces (e.g. Serial0/1)


I tried using the assigned IP by my ISP as the source address and that seemed to be able to prcess the request however, still no response.

Router#  ping
Protocol [ip]: 8.8.8.8       
Target IP address: 8.8.8.8
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 72.38.0.138
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 72.38.0.138
.....
Success rate is 0 percent (0/5)
0
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 41773502
Something is wrong here.
S*    0.0.0.0/0 is directly connected, GigabitEthernet0/0
      24.0.0.0/32 is subnetted, 1 subnets
S        24.226.22.75 [254/0] via 72.38.0.129, GigabitEthernet0/0
      72.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        72.38.0.128/25 is directly connected, GigabitEthernet0/0
L        72.38.0.138/32 is directly connected, GigabitEthernet0/0
You have no static route to 24.0.0.0 in configuration or dynamic routing and yet there is one in your route table.
The second problem is
GigabitEthernet0/1         192.168.99.2    YES NVRAM down                  down
+
NVI0                       unassigned      YES unset  administratively down down
is typically responsible for natting on new platforms - it is admin down?

Configuration can be slightly different for using NVI0 interface

Interface <type><number>
ip nat enable                                            <--- no inside or outside just enable

! nat statement
ip nat source list 1 interface Gi0/0 overload  <--- no inside keyword

Cisco link - Example: Configuring the NAT Virtual Interface
0
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 41773505
Try to traceroute from router to 8.8.8.8 to check is ISP sending icmp back (if yes, you can configure the first hop's IP address as next hop for default route).
And please again, after ping check NAT table.
# sh ip nat translat

But, anyway, I guess that ping from router should work as it is configured. Try to power cycle upstream device (ISP's device).
0
 

Accepted Solution

by:
Greg Franklin earned 0 total points
ID: 41773848
I figured it out, I had to add this...

ip route 0.0.0.0 0.0.0.0 dhcp

Works fine now.
0
 

Author Closing Comment

by:Greg Franklin
ID: 41781313
I found the answer elsewhere online.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now