Cisco 886VA cant assign port to IP

arisen · ‎12-28-2016

Hey all,

i've just started my Cisco Router 886VA with factory settings. I am willing to assign port fastethernet 0 to an ip address. This port is connected to my laptop which acts as a nat between the router and the Cisco machine. All fastethernet ports are assigned to vlan1 (by default) and when i try to assign the ip i get the error:

% IP addresses may not be configured on L2 links.

Why is that happening?

In my second scenario, i want to retrieve an ip addresse per dhcp from my first router (edge router communicating with PPPoE) and use the 3 other ports as an internal LAN. Additionally, i want to have NAT functionality: fastethernet0 is my outside and the vlan over the 3 other ports are my inside.

Would be thankful for any help!

Alex

Here are my config:

Current configuration : 1160 bytes
!
! Last configuration change at 04:57:50 UTC Thu Dec 29 2016
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$rORl$wGT8E0KJpt0vqZ3uHZPrq1
enable password joblo&1!
!
no aaa new-model
memory-size iomem 10
!
!

!
!
!
!
!
!

!
!
!
!
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO886VA-SEC-K9 sn FCZ1623C0UG
!
!
!
!
!
!

controller VDSL 0
!
!
!
!
!
!
!
!
!
!
interface Ethernet0
no ip address
shutdown
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface ATM0
no ip address

shutdown
no atm ilmi-keepalive
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Vlan1
no ip address
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!

!
!
!
!
!
control-plane
!
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
password jublo&1!!
login
transport input all
!
!

Mark Malone · ‎01-02-2017

hi its a layer 2 port only you cant set an ip on it , that's by design only the f4 can have an ip or create a vlan ip address at layer 3 (vlan 1 should be there already ) and assign the port to it

http://www.cisco.com/en/US/docs/routers/access/800/850/software/configuration/guide/pppoenat.html

This is an example but generally should get you going for pppoe with nat and dhcp , thisd is an example so you will need to tweak it for your ips etc , you don't need the nat pool and and you should use a default route to your next hop ip

vpdn enable 
vpdn-group 1 
request-dialin 
protocol pppoe 
! 
interface vlan 1 
ip address 192.168.1.1 255.255.255.0 
no ip directed-broadcast (default) 
ip nat inside

interface FastEthernet 4 
no ip address  
no ip directed-broadcast (default) 
ip nat outside 
pppoe enable group global 
pppoe-client dial-pool-number 1 
no sh

! 
interface dialer 1 
ip address negotiated 
ip mtu 1492 
encapsulation ppp 
ppp authentication chap 
dialer pool 1 
dialer-group 1 
! 
dialer-list 1 protocol ip permit 
ip nat inside source list 1 interface dialer 0 overload 
ip classless (default) 
ip route 10.10.25.2 255.255.255.255 dialer 0

ip nat pool pool1 192.168.1.0 192.168.2.0 netmask 255.255.252.0 
ip nat inside source list acl1 pool pool1

arisen · ‎01-05-2017

Well, it is still not working.

Again: my settings are like the following: FastEthernet3 is connect to another home router, i should retrieve an IPv4 address per DHCP which is working (192.168.1.8). I assigned this port to Vlan 3 and this should be nat ouside since i want to nat from vlan 3 to vlan1. Now, i setup a dhcp pool 192.168.100.1 for 3 the other 3 ports: FastEthernet 0-2, they are assigned to Vlan1, which is nat inside.

I am not becoming connection on my computer which is connected to FastEthernet 1 (but still having an address from the pool). what shall i do?

Debugging info: NAT translation is failing !!!

So altogether, i am trying to enable NAT between vlan1 (inside) to vlan3 (outside)

Why am not able to connect or at all ping the home router???

Would be thankful for any help!

Here are my configuration:

Building configuration...

Current configuration : 1689 bytes
!
! Last configuration change at 23:24:01 UTC Thu Jan 5 2017
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname x
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$34LK$ekdCKQuEmravI.qziPae7.
enable password xxxxxx!
!
no aaa new-model
memory-size iomem 10
!
!
!
!
!
!

!
ip dhcp excluded-address 192.168.100.210 192.168.100.253
ip dhcp excluded-address 192.168.100.1 192.168.100.50
!
ip dhcp pool LAN
network 192.168.100.0 255.255.255.0
default-router 192.168.100.1
dns-server 8.8.8.8
!
!
!
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
!
!
interface Ethernet0
no ip address
no ip route-cache
shutdown
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
description Extern-Router
switchport access vlan 3
no ip address
!
interface Vlan1
description inside
ip address 192.168.100.1 255.255.255.0
no ip redirects
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
!
interface Vlan3
ip address dhcp
ip nat outside
ip virtual-reassembly in
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
!
!
control-plane
!
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
password xxxxxxxxxxxxxx
login
transport input all
!

Mark Malone · ‎01-06-2017

For pppoe your public ip address should sit on the Cisco router interface and not be receiving a private ip address from your modem it should be poushing the public back to the dialer interface that's where your public ip address should be , put the modem in bridge mode and it will pull the public ip address back to the Cisco router , you need a dialer interface as its ppp

you have ip nat outside on a private interface and I don't see any pppoe settings setup ? your nat overload is not in place either so nat is not even doing anything

did your ISP give you pppoe settings password / username to connect to their circuit

!!!!! Configure Router as PPPoE Client to the ISP

vpdn enable

!

vpdn-group 1

request-dialin

protocol pppoe

!!!!!

!

interface Ethernet0

description My LAN Interface

ip address 10.10.10.1 255.255.255.0

!!!! When NAT/PAT occurs, this interface is the source candidate (inside local)

ip nat inside

!!!!

no ip mroute-cache

no cdp enable

!

interface Ethernet1

description Physical ADSL Interface (Facing the ISP)

no ip address

no ip mroute-cache

!!!! Ties this interface to the Dialer interface

pppoe enable

pppoe-client dial-pool-number 1

!!!!

no cdp enable

!

interface Serial0

no ip address

no ip mroute-cache

shutdown

no cdp enable

!

interface Serial1

no ip address

no ip mroute-cache

shutdown

no cdp enable

!

interface Dialer1

description Logical ADSL Interface

ip address negotiated

ip mtu 1492

!!!! When NAT/PAT occurs, this interface is the destination candidate (inside global)

ip nat outside

!!!!

encapsulation ppp

ip tcp adjust-mss 1452

no ip mroute-cache

!!!!! Ties this logical interface to the proper physical interface

dialer pool 1

!!!!!

!!!!! Passing the protocol allowed by the "dialer-list" command

dialer-group 1

!!!!!

no cdp enable

ppp authentication chap pap callin

ppp chap hostname [your username, provided by ISP]

ppp chap password 0 [your username password, given by ISP]

ppp pap sent-username [the username] password 0 [the password]

!!!! Default Gateway to the ISP

!!!! PAT subnets allowed by the ACL 10

ip nat inside source list 10 interface Dialer1 overload

!!!!

no ip http server

ip classless

!!!!

!

!!!! ACL 10 determines which subnet to be PATed

access-list 10 permit 10.10.10.0 0.0.0.255

!!!!

!!!! Determine which protocol to pass through

dialer-list 1 protocol ip permit

!!!!

no cdp run

!