cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2309
Views
15
Helpful
7
Replies

C892FSP-K9 configuration

diegog
Level 1
Level 1

Hello everyone,

I'm having some issues with my router.  I'm trying to connect it to the internet, I can ping to google.com but on the other hand, when I connect a machine in interface G1, I don't have internet connectivity, I think the problem is in interface g1. I don't understand this router, it has 2 wan ports and 8 L2 ports. 

My configuration is below.

Wan Interface G9

Public IP 24.XX.XXX.106

Route 24.XX.XXX.105

DHCP Server 192.168.1.115

 

R1(config)# interface g9

R1(config-if)# ip address 24.XX.XXX.106 255.255.255.252

R1(config-if)# ip nat outside

R1(config-if)# no shut

R1(config-if)# ip route 0.0.0.0 0.0.0.0 24.XX.XXX.105

  

R1(config)# interface vlan 1

R1(config-if)# ip address 192.168.1.1 255.255.255.0

R1(config-if)# ip nat inside

R1(config)# interface g1

R1(config-if)# switchport mode access

R1(config-if)# switchport access vlan1

R1(config)# access-list 10 permit 192.168.0.0 0.0.0.255

R1(config)# access-list 10 permit 10.0.0.0 0.0.0.255

R1(config)# ip nat inside source list 10 interface g1 overload

R1(config)# interface vlan1

R1(config-if)# ip helper-address 192.168.1.115

7 Replies 7

Mark Malone
VIP Alumni
VIP Alumni

Hey

hmm why is the NAT set to to G1 , that should be pointing to the G9 as that's the WAN interface

R1(config)# ip nat inside source list 10 interface g1 overload

change to

R1(config)# ip nat inside source list 10 interface g9 overload

Hi Mark,

You are absolutely right, I'll try that tomorrow morning and I'll let you know if it works.

Thanks

Hi Mark,

Do you think vlan1 and g1 are configured in the correct way?

Thanks

Hi

Yes but you shouldn't have to specify access vlan 1 as the port as all layer 2 ports by default are assigned to vlan 1 unless changed

where is your dhcp server is it on 192.168.1.x/24 if it is then the vlan does not require a helper address this is only so packets can switch from broadcast dhcp to unicast dhcp to find a dhcp server in another subnet

your acl is wrong too its /24 subnet in vlan 1 192.168.1.x/24 , your acl is 192.168.0.x for NAT

.....

so in short this below should do it , nat inside on vlan , nat outside on wan , point overload to wan interface and allow vlan subnet to be natted to get to outside public networks

Let me know how that goes

R1(config)# interface vlan 1

R1(config-if)# ip address 192.168.1.1 255.255.255.0

R1(config-if)# ip nat inside

R1(config)# interface g9

R1(config-if)# ip address 24.XX.XXX.106 255.255.255.252

R1(config-if)# ip nat outside

R1(config)# access-list 10 permit 192.168.1.0 0.0.0.255

R1(config)# ip nat inside source list 10 interface g9 overload

R1(config-if)# ip route 0.0.0.0 0.0.0.0 24.XX.XXX.105

Mark,

I'm gonna try this next Saturday because I can't stop internet know but for sure I'll let you know how it goes.

Thank you very much again.

no problem good luck with it

Hi Mark,

once again, you were right, it is working!. 

Just to remember, I have some ports to forward

ip nat inside source static tcp 192.168.1.x 1190 interface g9  1190

ip nat inside source static udp 192.168.1.x 1190 interface g9  1190

Do you think we need ACL as well?

access-list 11 permit tcp any any range 0 65535

access-list 11 permit udp any any range 0 65535

Thank you, I appreciate a lot your help