Re: C1111-4P Router no ISP access on LAN

Beer Money · ‎06-28-2025

Good day… I’m a complete hack, aka novice, when it comes to complex networks like I have, but I do appreciate the ability to configure a great network and learn something in the process. That being said, please be very specific in your response as this is way above my skill level.

I recently upgraded my router from the RV340 to the C1111-4P as some of my new Sonos speakers weren’t connecting to the network due to the lack of proxy support on the 340. Here’s the equipment that currently makes up my network.

C1111-4P Router

Three SG350-10P Switches. One of the switches are connected directly to router in the network closet and the other two switches are connected to the first one off of the router.

Two 240AC access points one is connected to the switch off the router, the other is at a distant switch.

My issue is that I can’t access the ISP from the LAN network. The router can access it from the WAN troubleshooting shooting tool on the routers WebUi. I can access the router via console using PuTTY so if there’s anything I can do or provided via the console, please be very specific and I shouldn’t have an issue. Thank you for all your help in advance, I greatly appreciate it! I’m sure I’ll need more as I get this router dialed in!

M02@rt37 · ‎06-28-2025

Hello @Beer Money

You should have NAT configuration so that so your internal network can communicate with the Internet using the router’s public IP... check NAT configuration please.

Check also ip route. You should have an IP route...certainly a default route... check it with #show ip route command.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Beer Money · ‎06-28-2025

When I had NAT enabled on the WAN port, it wasn’t getting an IP address. When I disabled it, I was able to get an IP address for the WAN port. Is this the NAT you’re referring to, or is it on the LAN ports?

Beer Money · ‎06-28-2025

Router#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected

Gateway of last resort is not set

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan1
L 192.168.1.1/32 is directly connected, Vlan1

M02@rt37 · ‎06-28-2025

OK @Beer Money

Thanks for that output.

Do #show ip int brief and share output too please

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Beer Money · ‎06-28-2025

Router#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0/1 unassigned YES NVRAM down down
GigabitEthernet0/1/0 unassigned YES unset down down
GigabitEthernet0/1/1 unassigned YES unset down down
GigabitEthernet0/1/2 unassigned YES unset down down
GigabitEthernet0/1/3 unassigned YES unset down down
Wl0/1/4 unassigned YES unset up up
Vlan1 192.168.1.1 YES NVRAM up up
Router#

Richard Burts · ‎06-28-2025

From one of the posts in this thread I see "Gateway of last resort is not set". That is the main reason you do not have access to the ISP. You need a default route be configured. And as others have suggested you need network address translation to be configured.

HTH

Rick

Beer Money · ‎06-28-2025

Regarding the default route, if my ISP's IP address is dynamic, how would I go about configuring it? I receive the following error when I use the example from a search.

Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
%Invalid next hop address (it's this router)
Router(config)#

Beer Money · ‎06-28-2025

Ok, I might have it set. But since I'm not connected to the modem (my family would wring my neck), it's not showing the current IP address.

Router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet 0/0/1 dhcp
Router(config)#exit
Router#
*Jun 28 16:27:17.832: %SYS-5-CONFIG_I: Configured from console by console
Router#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected

Gateway of last resort is not set

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan1
L 192.168.1.1/32 is directly connected, Vlan1

Richard Burts · ‎06-28-2025

Thanks for the additional information. If it is not connected to anything outside, it makes sense that it might not have a default route. The config statement specifying interface and dhcp is a very appropriate option and I think should work when it is connected to ISP.

With this issue out of the way, the next challenge would be whether you have address translation configured.

HTH

Rick

Beer Money · ‎06-28-2025

Thank you, I'm looking into that now. It seems to be a bit more complicated, so I might post the code here before sending it to the router to ensure I'm configuring it correctly.

Joseph W. Doherty · ‎06-28-2025

@Richard Burts wrote:

From one of the posts in this thread I see "Gateway of last resort is not set". That is the main reason you do not have access to the ISP. You need a default route be configured. And as others have suggested you need network address translation to be configured.

To expand a bit upon one point Rick noted, the default route usually would use an ISP device IP as the next hop, often in a shared subnet they provide for your WAN interface to also use. Further, often these IPs can be obtained by using DHCP on the WAN interface, and setting the default route to also use a DHCP gateway address. (All nicely dynamic; if your ISP changes their side, your WAN router will automatically adopt to it.)

EDIT addition:

interface g0/0/0 !wan interface

ip address DHCP

ip route 0.0.0.0 0.0.0.0 g0/0/0 dhcp !default route using g0/0/0 dhcp info

Joseph W. Doherty · ‎06-28-2025

BTW, what port will the SG connect to? It could be the second "WAN" port, or a "user" VLAN port. Advantages and disadvantages using either. I'm guessing you have, so far, chosen to use a VLAN port.

Where/what is the DHCP server? It could be the C1111, if that's what the RV was doing.

BTW, see the solution marked reply in https://community.cisco.com/t5/network-management/cisco-c1111-8p-configure-internet-access/td-p/4998990

What's shown might work for you too.

One change I would like to make, is use the ISP DHCP provided DNS information. Interestingly, the RV34x provides two options for the RV DHCP pool to use the ISP DNS info.

Unsure the C1111 offers anything similar. The closest I found, if supported, might be the command DHCP pool "import all" subcommand, which, of course, requires a router interface using DHCP, itself. Otherwise, you'll need to hardcode DNS servers.

Beer Money · ‎06-28-2025

BTW, what port will the SG connect to? I'll connect the SG that's near the router to G 0/1/0 LAN

Where/what is the DHCP server? It could be the C1111, if that's what the RV was doing. I want it to be the C1111 as the RV was previously.

One change I would like to make, is use the ISP DHCP provided DNS information. Interestingly, the RV34x provides two options for the RV DHCP pool to use the ISP DNS info.

Unsure the C1111 offers anything similar. The closest I found, if supported, might be the command DHCP pool "import all" subcommand, which, of course, requires a router interface using DHCP, itself. Otherwise, you'll need to hardcode DNS servers. What would I change in the linked code to make that change? Sorry, a novice at best!

Joseph W. Doherty · ‎06-28-2025

@Beer Money wrote:

What would I change in the linked code to make that change? Sorry, a novice at best!

Instead of:

ip dhcp pool WEBUIPool
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
~~dns-server 8.8.8.8 4.2.2.2~~ import-all !requires WAN interface to be as shown in link, C1111 might not support, and I'm not positive this will bring in DNS IPs

Possibly:

ip dhcp pool WEBUIPool
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
import-all