cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

632
Views
0
Helpful
11
Replies
Amardeep Kumar
Beginner

Internet is not working behind Cisco 1841

   HI

I have configured a Cisco router. I am able to ping google from rotuer. I can ping my local IP from router and router local IP to my machine. But I can not access internet on machine. I can not ping google and any other IP out of network.

Please help..

Thanks

11 REPLIES 11
Shrikant Sundaresh
Cisco Employee

Hi Amardeep,


There can be 2 causes of this issue:


1. There is no NAT configured on the router.

A basic guide is given here:: http://www.cisco.com/en/US/docs/routers/access/1800/1801/software/configuration/guide/pppoenat.html#wp1165866

2. There is no DNS server configure on your test PC, and hence it is unable to resolve google.com.

Give a DNS ip of 4.2.2.2 and that should fix the issue.

Hope this helps.

In case you still have issues, please provide a simple topology and/or the config on the router.

-Shrikant

P.S.: Please mark the question resolved, if it has been answered. Do rate helpful posts. Thanks.

HI

Please check it


Router#sh run
Building configuration...

Current configuration : 3133 bytes
!
! Last configuration change at 06:17:04 PCTime Fri Apr 8 2011 by
! NVRAM config last updated at 05:59:14 PCTime Fri Apr 8 2011 by
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Router
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$V5d/$TBkvtWf.kBMDYNF.A4OfZ/
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 5 30
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
!
!
no ip bootp server
ip domain name test.com
ip name-server DNS1
ip name-server DNS2
!
!
!
!
interface FastEthernet0/0
description
ip address 192.168.14.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
ip address External IP 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool MyPool 192.168.14.0 192.168.15.0 netmask 0.0.0.255
ip nat inside source list acl1 pool Mypool
!
logging trap debugging
access-list 1 permit 192.168.14.0 0.0.0.255
no cdp run
!
control-plane
!
banner exec ^C

banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet
line vty 5 15
privilege level 15
login local
transport input telnet
!
scheduler allocate 4000 1000
end

Router#

Thanks

Amardeep

ip nat pool MyPool 192.168.14.0 192.168.15.0 netmask 0.0.0.255
ip nat inside source list acl1 pool Mypool
!
logging trap debugging
access-list 1 permit 192.168.14.0 0.0.0.255
no cdp run

*********************

Your IP Nat statement is referencing a named ACL and you have a numbered ACL configured. So there is nothing that will match the statement to NAT as there is no ACL.

You can add the named ACL:

ip access-list extended acl1

permit ip 192.168.14.0 0.0.0.255 any

or you can change the IP NAT statement to :

ip nat inside source list 1 pool Mypool

HI

No Help yet, I think I am missing something..

What is that ?

Please help

Thanks

Amar

Please check it

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Router
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical

!
no aaa new-model
!
resource policy
!
clock timezone PCTime 5 30
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
!
!
no ip bootp server
ip domain name test.com
ip name-server DNS2
ip name-server DNS2
!

!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE$
ip address 192.168.14.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
ip address externalIP  255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
ip classless
ip route 0.0.0.0 0.0.0.0 gatewayy
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool Mypool 192.168.14.0 192.168.15.0 netmask 0.0.0.255
ip nat inside source list 1 pool Mypool
ip nat inside source list acl1 pool Mypool
!
ip access-list extended acl1
permit ip 0.0.0.0 255.255.255.0 any
!
logging trap debugging
no cdp run
!
control-plane
!


!
scheduler allocate 4000 1000
end

A couple of things Amardeep:

ip route 0.0.0.0 0.0.0.0 gatewayy (i hope you have the ip address here)

Remove the earlier nat you configured:

no ip nat inside source list 1 pool Mypool

Hope this helps.

-Shrikant

P.S.: Please mark the question answered, if it has been resolved. Do rate helpful posts.

HI

ip route 0.0.0.0 0.0.0.0 gateway External IP ( There is IP)

I have this now ... But net is not running..

ip nat pool Mypool 192.168.14.0 192.168.15.0 netmask 0.0.0.255
ip nat inside source list acl1 pool Mypool
!
ip access-list extended acl1
permit ip 0.0.0.0 255.255.255.0 any
!
logging trap debugging
no cdp run

Thanks

Amar

Hi Amar,

The access-list is actually incorrect:

ip access-list extended acl1
permit ip 0.0.0.0 255.255.255.0 any

It should be either:

permit ip any any

OR permit ip 192.168.1.0 0.0.0.255 any

(if 192.168.1.0/24 is your internal network).

Please let me know if that helps.

-Shrikant

P.S.: Please mark the question resolved, if it has been answered. Do rate helpful posts. Thanks.

HI

Same issue. No internet is running on local machine.

Here is it


ip nat pool Mypool 192.168.14.0 192.168.15.0 netmask 0.0.0.255
ip nat inside source list acl1 pool Mypool
!
ip access-list extended acl1
permit ip 192.168.14.0 0.0.0.255 any

------

Is there any thing I need to define

Do i need these command on router ?

nat (inside) 0 access-list ?
nat (inside) 1 192.168.14.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0

Thanks

Amardeep

Hi Amar,

Please enter the following commands:

no ip nat pool Mypool 192.168.14.0 192.168.15.0 netmask 0.0.0.255
no ip nat inside source list acl1 pool Mypool

!

ip nat inside source list acl1 interface fastethernet 0/1 overload

You were basically sending the traffic to the internet with public ip addresses in the pool. Thus no replies were coming back.

Doing an interface PAT would resolve the issue.

The commands you mentioned in your post are ASA commands and not for routers.

Hope this helps.

-Shrikant

P.S.: Please mark the question resolved, if it has been answered. Do rate helpful posts. Thanks.

HI ShriKant,

Thank You Very Much..

Thanks

Amardeep Rana

Create
Recognize Your Peers
Content for Community-Ad