cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1032
Views
0
Helpful
5
Replies

i cannot ping from my pc but i can ping from my router

rauca 12345
Level 1
Level 1

#sh run
Building configuration...


Current configuration : 2732 bytes
!
! Last configuration change at 16:48:25 UTC Thu Feb 9 2023
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CONNECTIUM_ROUTER
!
boot-start-marker
boot-end-marker
!
!
! card type command needed for slot/vwic-slot 0/0
enable password cisco
!
no aaa new-model
!
ip cef
!
!
!
!
ip dhcp pool CUSTOMER_1
network 192.168.1.0 255.255.255.192
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4
lease 14
!
ip dhcp pool CUSTOMER_2
network 192.168.1.64 255.255.255.192
default-router 192.168.1.65
dns-server 8.8.8.8 8.8.4.4
lease 14
!
ip dhcp pool CUSTOMER_3
network 192.168.1.128 255.255.255.192
default-router 192.168.1.129
dns-server 8.8.8.8 8.8.4.4
lease 14
!
!
!
no ip domain lookup
ip domain name cisco.net
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
license udi pid CISCO2921/K9 sn FCZ175360JV
hw-module pvdm 0/0
!
!
!
username admin password 0 cisco
!
redundancy
!
!
ip ssh version 2
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 172.16.4.145 255.255.255.252
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.1.1 255.255.255.192
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.1.65 255.255.255.192
!
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.1.129 255.255.255.192
!
interface GigabitEthernet0/1
description INTERNET LINE
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2

CONNECTIUM_ROUTER#nterface GigabitEthernet0/1
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# description INTERNET LINE
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# ip address dhcp
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# no ip redirects
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# no ip unreachables
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# no ip proxy-arp
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# ip nat outside
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# ip virtual-reassembly in
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# duplex auto
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER# speed auto
^
% Invalid input detected at '^' marker.

CONNECTIUM_ROUTER#
CONNECTIUM_ROUTER#
CONNECTIUM_ROUTER#
CONNECTIUM_ROUTER#
CONNECTIUM_ROUTER#sh run
Building configuration...


Current configuration : 2732 bytes
!
! Last configuration change at 16:48:25 UTC Thu Feb 9 2023
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CONNECTIUM_ROUTER
!
boot-start-marker
boot-end-marker
!
!
! card type command needed for slot/vwic-slot 0/0
enable password cisco
!
no aaa new-model
!
ip cef
!
!
!
!
ip dhcp pool CUSTOMER_1
network 192.168.1.0 255.255.255.192
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4
lease 14
!
ip dhcp pool CUSTOMER_2
network 192.168.1.64 255.255.255.192
default-router 192.168.1.65
dns-server 8.8.8.8 8.8.4.4
lease 14
!
ip dhcp pool CUSTOMER_3
network 192.168.1.128 255.255.255.192
default-router 192.168.1.129
dns-server 8.8.8.8 8.8.4.4
lease 14
!
!
!
no ip domain lookup
ip domain name cisco.net
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
license udi pid CISCO2921/K9 sn FCZ175360JV
hw-module pvdm 0/0
!
!
!
username admin password 0 cisco
!
redundancy
!
!
ip ssh version 2
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 172.16.4.145 255.255.255.252
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.1.1 255.255.255.192
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.1.65 255.255.255.192
!
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.1.129 255.255.255.192
!
interface GigabitEthernet0/1
description INTERNET LINE
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
router ospf 10
network 192.168.1.0 0.0.0.63 area 0
network 192.168.1.64 0.0.0.63 area 0
network 192.168.1.128 0.0.0.63 area 0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.10.10.0
ip route 0.0.0.0 0.0.0.0 10.10.10.1
!
ip access-list extended NAT-TRAFFIC
permit ip 192.168.1.0 0.0.0.63 any
permit ip 192.168.64.0 0.0.0.63 any
permit ip 192.168.128.0 0.0.0.63 any
permit ip 172.16.4.128 0.0.0.63 any
!
!
!
!
control-plane
!
!
!
!
!
!
!
mgcp profile default
!
!
!
!
!
gatekeeper
shutdown
!
!
banner motd ^CNo Unathorised Access!!!^C
!
line con 0
password cisco
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login local
transport input ssh
line vty 5 15
login local
transport input ssh
!
scheduler allocate 20000 1000
!
end

2 Accepted Solutions

Accepted Solutions

balaji.bandi
Hall of Fame
Hall of Fame

try below config - make sure you understand the config before you apply :


interface GigabitEthernet0/0
shutdown
no ip address 172.16.4.145 255.255.255.252
no ip address
no ip nat inside
no shutdown
!
interface GigabitEthernet0/0.40
encapsulation dot1Q 40
ip address 172.16.4.145 255.255.255.252
ip nat inside
no shutdown
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.1.1 255.255.255.192
ip nat inside
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.1.65 255.255.255.192
ip nat inside
!
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.1.129 255.255.255.192
ip nat inside
!
!
no ip route 0.0.0.0 0.0.0.0 10.10.10.0
no ip route 0.0.0.0 0.0.0.0 10.10.10.1
no ip access-list extended NAT-TRAFFIC
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 dhcp
!
access-list 10 permit 192.168.1.0 0.0.0.63
access-list 10 permit 192.168.64.0 0.0.0.63
access-list 10 permit 192.168.128.0 0.0.0.63
access-list 10 permit 172.16.4.128 0.0.0.63
!
ip nat inside source list 10 interface GigabitEthernet0/1 overload
!

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

I am not sure of the logic for BB in moving  172.16.4.145 255.255.255.252 from the physical interface to a subinterface. But I agree that he does address several serious issues in the original config:

- none of the subinterfaces included ip nat inside (probably the most significant issue).

- the configured static default routes (there is not anything else in the config about 10.10.10)

- changing the acl for NAT from an extended acl to a standard acl. I have seen issues when nat was configured with an extended acl which permitted "any".

HTH

Rick

View solution in original post

5 Replies 5

you config is prefect except you missing 
ip nat inside static source list ....interface overload 

balaji.bandi
Hall of Fame
Hall of Fame

try below config - make sure you understand the config before you apply :


interface GigabitEthernet0/0
shutdown
no ip address 172.16.4.145 255.255.255.252
no ip address
no ip nat inside
no shutdown
!
interface GigabitEthernet0/0.40
encapsulation dot1Q 40
ip address 172.16.4.145 255.255.255.252
ip nat inside
no shutdown
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.1.1 255.255.255.192
ip nat inside
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.1.65 255.255.255.192
ip nat inside
!
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.1.129 255.255.255.192
ip nat inside
!
!
no ip route 0.0.0.0 0.0.0.0 10.10.10.0
no ip route 0.0.0.0 0.0.0.0 10.10.10.1
no ip access-list extended NAT-TRAFFIC
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 dhcp
!
access-list 10 permit 192.168.1.0 0.0.0.63
access-list 10 permit 192.168.64.0 0.0.0.63
access-list 10 permit 192.168.128.0 0.0.0.63
access-list 10 permit 172.16.4.128 0.0.0.63
!
ip nat inside source list 10 interface GigabitEthernet0/1 overload
!

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I am not sure of the logic for BB in moving  172.16.4.145 255.255.255.252 from the physical interface to a subinterface. But I agree that he does address several serious issues in the original config:

- none of the subinterfaces included ip nat inside (probably the most significant issue).

- the configured static default routes (there is not anything else in the config about 10.10.10)

- changing the acl for NAT from an extended acl to a standard acl. I have seen issues when nat was configured with an extended acl which permitted "any".

HTH

Rick

I am not sure of the logic for BB in moving  172.16.4.145 255.255.255.252

I move this to make it neat since OP uses sub-interfaces for other subnets.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick

Review Cisco Networking for a $25 gift card