10-12-2018 06:06 PM
I am using a Cisco 2811 router and a Cisco 3750g switch. I have configure router for dhcp and nat/pat. My pc's were able to receive IP Addresses but cannot access the internet. I have setup the default route, Standard ACL, and overload which seem to be working on the router side.
My issue is that the PC's were able to access the internet prior to yesterday when this all started happening. I contacted my ISP and they checked/verified my static ip's dns, rebooted the internet router and informed me that the packets are being sent but not reaching. I can ping my gateway but not dns?
Solved! Go to Solution.
10-14-2018 02:30 AM
10-12-2018 07:03 PM
10-12-2018 08:45 PM
Error message From Win 10 PC's: Your computer appears to be correctly configured, but the device or resource (DNS server) is not responding
ip dhcp excluded-address 192.168.1.1 192.168.1.49
ip dhcp pool TESTLAB
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 4.2.2.2
interface FastEthernet0/0 - INSIDE NAT
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/1 - OUTSIDE NAT
ip address 80.80.72.219 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
ip access-list standard MYLABS
permit 192.168.1.0 0.0.0.255
ip nat inside source list MYLABS interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 80.80.72.217
Gateway of last resort is 76.80.72.217 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 80.80.72.217
80.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 80.80.72.216/29 is directly connected, FastEthernet0/1
L 80.80.72.219/32 is directly connected, FastEthernet0/1
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, FastEthernet0/0
L 192.168.1.1/32 is directly connected, FastEthernet0/0
10-12-2018 08:52 PM
10-12-2018 08:53 PM
I also used the (2) DNS given by my ISP
10-13-2018 02:59 AM
You have not explained how is your Switch connected to 2811 router.
you can do quick test from router connected to ISP
1. can you able to ping 8.8.8.8 from 2811
2. From PC do nslookup and see the domain is resolvable example google.com
nslookup google.com
3. from PC you able ping 8.8.8.8 ?
ping -t 8.8.8.8
when you doing ping see in router is the nat xlate output ? and post the errors and tests
finally post show version of both the devices and log messages.
10-13-2018 09:12 AM
Ping & NSLookup From PC:
Ping statistics for 8.8.8.8:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\>
C:\>
C:\>
C:\>nslookup google.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 209.18.47.61
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
2811 Router Info:
Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 15.1(4)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Tue 14-Jun-11 18:17 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T11, RELEASE SOFTWARE (fc1)
RT1LAB#sh cdp neigh
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch Fas 0/0 165 S I WS-C3750G Gig 3/0/47
IP DHCP Binding:
RT1LAB#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.1.50 0063.6973.636f.2d30. Oct 14 2018 03:56 PM Automatic
3032.342e.6637.3832.
2e35.6663.302d.566c.
31
192.168.1.51 014c.cc6a.f6e2.09 Oct 14 2018 04:10 PM Automatic
192.168.1.53 0168.1ca2.129c.20 Oct 14 2018 04:10 PM Automatic
192.168.1.54 0170.85c2.4f86.1b Oct 14 2018 04:37 PM Automatic
RT1LAB#
Ping From 2811 Router:
RT1LAB(config)# exit
RT1LAB#
*Oct 13 16:34:39.099: %SYS-5-CONFIG_I: Configured from console by console
RT1LAB#
RT1LAB#
RT1LAB#
RT1LAB#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/24 ms
RT1LAB#
RT1LAB#
RT1LAB#ping 8.8.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/19/24 ms
RT1LAB#
10-13-2018 09:18 AM
RT1LAB#sh ip nat trans
Pro Inside global Inside local Outside local Outside global
udp 192.168.1.1:59212 192.168.1.51:59212 209.18.47.61:53 209.18.47.61:53
udp 192.168.1.1:59212 192.168.1.51:59212 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:49750 192.168.1.53:49750 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:52974 192.168.1.53:52974 209.18.47.61:53 209.18.47.61:53
udp 192.168.1.1:52974 192.168.1.53:52974 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:53513 192.168.1.53:53513 209.18.47.61:53 209.18.47.61:53
udp 192.168.1.1:53513 192.168.1.53:53513 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:59089 192.168.1.53:59089 209.18.47.61:53 209.18.47.61:53
udp 192.168.1.1:59089 192.168.1.53:59089 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:60095 192.168.1.53:60095 209.18.47.61:53 209.18.47.61:53
udp 192.168.1.1:60095 192.168.1.53:60095 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:61865 192.168.1.53:61865 209.18.47.61:53 209.18.47.61:53
udp 192.168.1.1:61865 192.168.1.53:61865 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:64573 192.168.1.53:64573 209.18.47.61:53 209.18.47.61:53
udp 192.168.1.1:64573 192.168.1.53:64573 209.18.47.62:53 209.18.47.62:53
udp 192.168.1.1:49447 192.168.1.54:49447 8.8.4.4:53 8.8.4.4:53
udp 192.168.1.1:49447 192.168.1.54:49447 8.8.8.8:53 8.8.8.8:53
udp 192.168.1.1:52819 192.168.1.54:52819 8.8.4.4:53 8.8.4.4:53
udp 192.168.1.1:52819 192.168.1.54:52819 8.8.8.8:53 8.8.8.8:53
udp 192.168.1.1:58473 192.168.1.54:58473 8.8.4.4:53 8.8.4.4:53
udp 192.168.1.1:58473 192.168.1.54:58473 8.8.8.8:53 8.8.8.8:53
udp 192.168.1.1:60031 192.168.1.54:60031 8.8.4.4:53 8.8.4.4:53
Pro Inside global Inside local Outside local Outside global
udp 192.168.1.1:60031 192.168.1.54:60031 8.8.8.8:53 8.8.8.8:53
udp 192.168.1.1:62186 192.168.1.54:62186 8.8.4.4:53 8.8.4.4:53
udp 192.168.1.1:62186 192.168.1.54:62186 8.8.8.8:53 8.8.8.8:53
udp 192.168.1.1:62428 192.168.1.54:62428 8.8.4.4:53 8.8.4.4:53
udp 192.168.1.1:62428 192.168.1.54:62428 8.8.8.8:53 8.8.8.8:53
udp 192.168.1.1:62838 192.168.1.54:62838 8.8.4.4:53 8.8.4.4:53
udp 192.168.1.1:62838 192.168.1.54:62838 8.8.8.8:53 8.8.8.8:53
udp 192.168.1.1:62881 192.168.1.54:62881 8.8.4.4:53 8.8.4.4:53
udp 192.168.1.1:62881 192.168.1.54:62881 8.8.8.8:53 8.8.8.8:53
RT1LAB#
Ping From Router To PC:
RT1LAB#ping 192.168.1.54
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.54, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
RT1LAB#
10-13-2018 01:28 PM
After your looking your configs and output, your router have connection to internet
Looks like your NAT not working.
Lets have quick test NAT part. and change simple config change.
CHANGE THE CONFIG AS BELOW for testing.
=============================
interface FastEthernet0/0
no ip virtual-reassembly in
ip virtual-reassembly
interface FastEthernet0/1
no ip virtual-reassembly in
ip virtual-reassembly
also config ip name-server for testing
ip name-server 8.8.8.8 <-- your ISP name server
once config change done.
From router 2811 you should able to ping yahoo.com <-- paste this output in the forum
if that works, ping using source interface using internal interface.
ping yahoo.com source fa 0/0 - now your NAT Translation should work.
If this is working, check from PC also.
if all fails, post full configuration of router and Switch.
10-14-2018 12:19 AM
do you mean my isp's dns for name-server? I don't understand? can you give me a better example?
10-14-2018 01:02 AM
This configuration need to be configure in router : ( along with other changes i have suggested on other post).
ip name-server 8.8.8.8 - you start with config (since you confirmed you able to reach 8.8.8.8 from router).
10-14-2018 02:30 AM
10-14-2018 03:46 AM
Good catch - some time small things misses while we doing diagnosis the problems.
Glad all working as expected.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide