I add but ping still missing, SUCCESS RATE IS 0 PERCENT (0/5)

in router do traceroute 8.8.4.4
share result here 

MHM

1 *  * *

2 * * *

3 * * *

And still to 20 (I stop it)

the ISP is not respond to ICMP 
let do other check 
add to router
ip domain-lookup
ip name-server 8.8.8.8 

then do 

Router#debug ip domain detail
Router#google.com

the debug must show the google name resolve to IP 
MHM 

sorry there is issue with your ISP it not router or config 
the  ISP is deny any traffic no ping no traceroute no even DNS UDP53 
contact ISP and explain the issue. 
thanks a lot 

MHM

Thank you for your time, the only thing that seems strange to me is that the Cisco 2921 router works fine, with the same ISP, same modem, at this point I disconnected the 4351 router from the modem and connected the 2921 and it worked normally.

wait a min 
can you share last config you use ?

MHM

this last, right now download it

Building configuration...

Current configuration : 2084 bytes
!
! Last configuration change at 18:59:19 UTC Thu Jun 27 2024
!
version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 xxxxxxxxxxxxxxxxxx
enable password xxxxxxxxxxxxxxxxxxxxx
!
no aaa new-model
!
!
!
ip name-server 8.8.8.8

!
subscriber templating
!
!
multilink bundle-name authenticated

!
license udi pid ISR4351/K9 sn xxxxxxxxxxxxxxxxx
diagnostic bootup level minimal
spanning-tree extend system-id
!
!
!
username xxxxxxxxxxxxxx privilege 15 secret 9 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
redundancy
mode none
!

!
interface GigabitEthernet0/0/0
ip address dhcp hostname R1
ip nat outside
negotiation auto
spanning-tree portfast disable
ip virtual-reassembly
!
interface GigabitEthernet0/0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
negotiation auto
ip virtual-reassembly
!
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
ip nat inside source list 1 interface GigabitEthernet0/0/0 overload
ip nat inside source list 20 interface GigabitEthernet0/0/0 overload
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
!
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
access-list 20 permit 192.168.1.0 0.0.0.255
!
!
route-map track-primary-if permit 1
match ip address 197
set interface GigabitEthernet0/0/0
!
control-plane
!
!
line con 0
transport input none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password xxxxxxxxx
login

!
end

I was suspect about you add ACL under interface, there is no such this ACL anymore 
so we return there is nothing in your config, contact ISP it can have ACL for Mac address and accept only the old router when you connect new one the ACL deny any traffic. 

Goodluck

MHM

Definitely tomorrow I will call and ask for flush dns and refresh the modem

Thanks for your help, I already managed to ping from my WAN interface but now I have no ping or connection from my lan gig0/0/1, what command am I missing?

Building configuration...

Current configuration : 2558 bytes
!
! Last configuration change at 05:13:27 EST Fri Jul 5 2024
! NVRAM config last updated at 05:00:47 EST Fri Jul 5 2024
!
version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 xxxxxxxxxxxxxxxxx
enable password xxxxxxxxxxxxxxxx
!
no aaa new-model
clock timezone EST -23 0
!

ip name-server 192.168.1.1
ip dhcp excluded-address 192.168.1.1 192.168.1.20
!
ip dhcp pool pool1
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1

!
subscriber templating
!

multilink bundle-name authenticated
passthru-domain-list jose
match www.cisco.com
match www.google.com
match 8.8.8.8
match 192.1681.1

!
license udi pid ISR4351/K9 sn xxxxxxxxxxx
diagnostic bootup level minimal
spanning-tree extend system-id
!

username xxxxxxxxxxxxxxxxxx privilege 15 secret 9 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
redundancy
mode none

!
interface GigabitEthernet0/0/0
ip address dhcp hostname R1
ip nat outside
negotiation auto
spanning-tree portfast disable
ip virtual-reassembly
!
interface GigabitEthernet0/0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip access-group 20 out
negotiation auto
spanning-tree portfast disable
ip virtual-reassembly
!
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
ip nat inside source list 1 interface GigabitEthernet0/0/0 overload
ip nat inside source list 20 interface GigabitEthernet0/0/0 overload
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0 dhcp
!
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 20 permit 192.168.1.0 0.0.0.255
!
!
route-map track-primary-if permit 1
match ip address 197
set interface GigabitEthernet0/0/0

!
control-plane
!
!
line con 0
transport input none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password xxxxxxxxxxxxxx
login

!
end

I remove the old line and add suggestion line but still same, not ping outside

As per the config i don't see below line - it was there in the original configuration

ip nat inside source list 1 interface GigabitEthernet0/0/0 overload

as i mentioned in the old post you need to start basic configuraiton and gradually improve the config based on the requirement. if the basic not working adding advanced config not going to help you and if you do not understand what that command does.

Lets start again :

From router you able to ping 8.8.8.8 ?

#ping 8.8.8.8 - is this works ?

#ping x.x.x.x (ISP gateway IP ?)

if that works then move to next level of my above command NAT.

If router not ping ISP or 8.8.8.8

check below commands :

#show ip interface brief (this give you if the ISP gave IP and Interface up)

#show ip route - this give you ISP route

Clear and simple config as below :

https://www.balajibandi.com/?p=1796