01-17-2004 01:46 PM - edited 03-02-2019 12:57 PM
I have two interfaces on a cisco 2621 router, 0/0 and 0/1. Interface 0/0 is being used for DHCP. Is there a way to gain internet access by using the second interface (0/1)? Some sort of config that needs to be set up?
01-17-2004 08:39 PM
What exaclt are you trying to acomplish? Is 0/0 acting as a DHCP server or client?
01-17-2004 08:50 PM
yes 0/0 is acting as DHCP server which i have connected to port 1 on a catalyst 2900 switch. I would like to configure 0/1 with the cable modem, will interface 0/1 pickup the IP given to my dlink router if i manually set the mac address on 0/1 exactly the same as what my dlink router is right now to enable internet access from any port on the switch? does that make sense?
01-17-2004 09:13 PM
yes 0/0 is acting as DHCP server which i have connected to port 1 on a catalyst 2900 switch. I would like to configure 0/1 with the cable modem, will interface 0/1 pickup the IP given to my dlink router if i manually set the mac address on 0/1 exactly the same as what my dlink router is right now to enable internet access from any port on the switch? does that make sense?
01-17-2004 10:02 PM
In theory it will work. You setup 0/1 as the NAT outside interface and 0/0 as the NAT inside. Then you tell 0/1 to 'ip address dhcp' and it should work.
-Mike
01-17-2004 10:20 PM
ok...dhcp worked cuz i did a sho ip int b and it grabbed the ip, but i still can't get out to the internet from the switch...is this a ACL issue?
01-18-2004 10:28 AM
Do you have any ACLs setup up? Why don't you post your show conf and I'll help you from there.
-Mike
01-18-2004 11:02 AM
here's the conf: the ACL that is in there was something i put in for the heck of it. Also, from the router i can ping some external ips (Cisco.com, and fanball.com are two that i could...espn.com, yahoo.com, and ebay.com are the three that i couldn't ping.
show config
Using 1054 out of 29688 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 2621
!
enable secret 5 $1$/iMz$RPOKV4dMtn6u7/GSOlnsS.
enable password golfball
!
ip subnet-zero
!
!
no ip dhcp conflict logging
ip dhcp excluded-address 172.16.1.100 172.16.1.103
!
ip dhcp pool finnigans
network 172.16.0.0 255.255.0.0
domain-name finnigans.net
dns-server 172.16.1.101
default-router 66.41.130.120
netbios-name-server 172.16.1.101
netbios-node-type h-node
interface FastEthernet0/0
ip address 172.16.1.100 255.255.0.0
ip nat inside
no ip mroute-cache
speed auto
half-duplex
no cdp enable
interface FastEthernet0/1
mac-address 0040.0526.b8e3
ip address dhcp
no ip redirects
no ip unreachables
ip nat outside
no ip mroute-cache
duplex auto
speed auto
no cdp enable
ip classless
no ip http server
ip pim bidir-enable
access-list 1 permit 172.16.1.0 0.0.0.255
no cdp run
snmp-server community public RO
line con 0
line aux 0
line vty 0 4
password password
login
end
01-18-2004 02:47 PM
OK, in the DHCP pool called finnigans that you created you need to set the default-router as 172.16.1.100 since that's the address of this router.
-Mike
01-18-2004 03:11 PM
ok...i think everything is ok on the router...i think it's the switch that's the problem...can't ping any external addys from the switch...i can ping the router and the workstation that are plugged into ports 1&2 respectivly..but when i try to ping for example fanball.com i get "unrecognized host or address, or protocol not running" error.
01-18-2004 03:15 PM
OK, I still think the problem is with the DHCP pool.
-Mike
01-18-2004 03:25 PM
thanks for your help BTW...much appreciated!
01-18-2004 03:24 PM
fyi...here is the show config for the switch:
show config
Using 1064 out of 32768 bytes
!
version 11.2
no service pad
no service udp-small-servers
no service tcp-small-servers
!
hostname Switch
!
!
!
!
interface VLAN1
ip address 172.16.1.104 255.255.255.0
no ip route-cache
!
interface FastEthernet0/1
port network
spanning-tree portfast
!
interface FastEthernet0/2
!
interface FastEthernet0/3
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
and so on till port 24
then
!
ip default-gateway 172.16.1.100
!
snmp-server community private RW
!
snmp-server community public RO
!
line con 0
stopbits 1
line vty 0 4
login
!
end
01-18-2004 05:49 PM
Hi,
I believe your problem is that you do not have NAT configured. try the following config:-
!
hostname 2621
!
enable secret 5 $1$/iMz$RPOKV4dMtn6u7/GSOlnsS.
enable password golfball
!
ip subnet-zero
!
!
ip dhcp excluded-address 172.16.1.100 172.16.1.103
!
ip dhcp pool finnigans
network 172.16.1.0 255.255.255.0
domain-name finnigans.net
dns-server 172.16.1.101
default-router 172.16.1.100
netbios-name-server 172.16.1.101
!
interface FastEthernet0/0
ip address 172.16.1.100 255.255.1.0
ip nat inside
no ip mroute-cache
speed auto
duplex auto
no cdp enable
interface FastEthernet0/1
mac-address 0040.0526.b8e3
ip address dhcp
no ip redirects
no ip unreachables
ip nat outside
no ip mroute-cache
duplex auto
speed auto
no cdp enable
!
ip nat inside source list 1 interface FastEthernet0/1 overload
!
ip access-list extended ACL-CONSOLE
remark Telnet Access
permit ip 172.16.1.0 0.0.0.255 any
deny ip any any
!
ip classless
no ip http server
ip pim bidir-enable
!
access-list 1 permit 172.16.1.0 0.0.0.255
no cdp run
snmp-server community public RO
!
line con 0
line aux 0
line vty 0 4
access-class ACL-CONSOLE in
password password
login
end
- Note I have also included an ACL to prevent outside users being able to Telnet onto your router - I would suggest you implement the IOS Firewall feature set on this router to protect it.
Your switch config is fine.
Hope this helps,
Rowan
01-20-2004 10:02 PM
so you think i need to add routes between the two interfaces?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide