03-07-2003 06:08 AM - edited 03-02-2019 05:40 AM
I just tried re-programming our 2611 router to make use of it, since we just got a PIX 515E to work as our firewall, and everything looks ok, but for some reason, the outside interface won't pick up an IP address. I set it to DHCP, and when I type "show ip interface ethernet 0/1" it says address will be negotiated using DHCP. Any ideas? If anyone wants, I'll post the configuration.
Thanks
03-07-2003 06:24 AM
From what you say, it seems like everything is OK on your side.
Is the interface up? Where is the DHCP server located?
You may post the config to check.
Regards,
Leo
03-07-2003 06:31 AM
The DHCP server that the router would be getting it's IP address on is on Optimum Online's (Cable Modem) system. Yes, the interface is up, and both sides show a link.
Also, If I wanted to, how would I remove the entire configuration to reset the IOS to factory defaults?
Here is the config:
Current configuration : 1637 bytes
!
version 12.2
no parser cache
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname southold
!
logging rate-limit console 10 except errors
enable secret 5
enable password 7
!
ip subnet-zero
no ip source-route
!
!
ip tcp synwait-time 5
!
ip inspect name firewall tcp
ip inspect name firewall ftp
ip inspect name firewall smtp
ip inspect name firewall udp
ip inspect name firewall fragment maximum 256 timeout 1
ip inspect name firewall vdolive
ip inspect name firewall realaudio
ip inspect name firewall http
ip inspect name firewall h323
ip inspect name firewall netshow
ip inspect name firewall rtsp
ip inspect name firewall sqlnet
ip inspect name firewall streamworks
ip inspect name firewall cuseeme
ip audit notify log
ip audit po max-events 100
no ip dhcp-client network-discovery
!
!
!
interface Ethernet0/0
description admin
ip address 192.168.0.254 255.255.0.0
ip nat inside
full-duplex
!
interface Ethernet0/1
description student_network
ip address dhcp
ip access-group 125 in
ip nat outside
ip inspect firewall out
half-duplex
!
ip nat inside source list 1 pool admin-student overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/1
ip http server
!
access-list 1 permit 192.168.0.0 0.0.255.255
access-list 125 permit icmp any any
access-list 125 deny ip any any
!
line con 0
password 7
logging synchronous
login
line aux 0
password 7
login
line vty 0 4
password 7
login
line vty 5 15
password 7
login
!
!
end
03-07-2003 06:49 AM
The reason is in your access-list 125 in. This blocks the DHCP packets.
Remove it. I also notice that you are running FW-software.
Besides, it looks as if telnet is open on the Internet, that is, once you get an IP on it. Please configure something like:
lin vty 0 15
ip access-class 1 in
This blocks telnet from the outside.
To clear the router:
write erase
reload
Goodluck,
Leo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide