02-09-2012 10:53 PM - edited 03-04-2019 03:12 PM
I have configure 887 ADSL router with attached configuration. But users cant access internet properly. (Ex: yahoo and gmail mail cant access)
Therefore please check the configuration with my network design which I have attached.
Thank you,
Chandimal.K
Solved! Go to Solution.
02-13-2012 01:23 AM
Hi,
I don't see any problem in your config and if you said you made the changes I proposed then it must another problem.
Can you sniff the interface of the PC wile trying to browse the URLs which aren't working and post the capture file here
Can you also verify is NAT is working ok for these sites: debug ip nat along with sh ip nat trans
Regards.
Alain
02-15-2012 01:36 AM
Hi,
Don't forget to rate helpful posts and to mark the thread as solved.
Regards.
Alain
02-09-2012 11:32 PM
can you please help me this is the configuration.
! Last configuration change at 09:08:08 UTC Tue Dec 13 2011
!
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SLIT-ADSL-ROUTER
!
boot-start-marker
boot-end-marker
!
!
enable password 212145215412
!
no aaa new-model
memory-size iomem 10
ip source-route
!
!
!
!
!
ip cef
ip name-server 222.165.171.3
ip name-server 222.165.171.2
ip name-server 203.115.0.46
no ipv6 cef
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-2902486822
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2902486822
revocation-check none
!
!
crypto pki certificate chain TP-self-signed-2902486822
certificate self-signed 01
30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32393032 34383638 3232301E 170D3131 31323133 30383133
33315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39303234
38363832 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009070 3302F57C D5820174 D339F873 194064D5 66ECDF62 07AC25F2 1922FB76
B7D0532F 3CE5139E 19DE0286 85C6DE7B 35CBE372 EEEFCB6A DE0DA942 63EA2A27
202809E8 22620B24 DF4FD30C 3E7B3EAB 4C7C1983 3ABD982C C05EA6D1 C0A30ECD
F0E1AA19 B6ACA00E 9366AD71 BC8311C8 694C1048 A76854C3 451D8839 A17CB0BC
C6CB0203 010001A3 70306E30 0F060355 1D130101 FF040530 030101FF 301B0603
551D1104 14301282 10534C49 542D4144 534C2D52 4F555445 52301F06 03551D23
04183016 8014012D 71D7302D 2C7A52E6 97215CE4 4AC9E26B 0A31301D 0603551D
0E041604 14012D71 D7302D2C 7A52E697 215CE44A C9E26B0A 31300D06 092A8648
86F70D01 01040500 03818100 1D57E612 EA3F4C85 53AC8DD4 246ACA85 C8CB4FC1
D4655B90 550B9D06 2C6186E8 30DF2564 01B9D2A1 272491E5 DE0AC5C9 B01FC027
F2F06193 358B75DB A046D115 9295420F 1A1EA0F7 1DBCA77E 3F7C61E2 1C921568
F47A2506 5DDE0E5F AA535D8B A826819F 0BC49454 1AA939B0 E5B2B883 D5BFCC71
D27589CE 4308C751 D52DB1C5
quit
license udi pid CISCO887VA-K9 sn FGL151921P1
!
!
username softlogic privilege 15 password 0 ipsec123
!
!
controller VDSL 0
!
!
!
!
!
interface Ethernet0
no ip address
shutdown
no fair-queue
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description $ADSL_OUTSIDE$
ip flow ingress
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
switchport access vlan 110
!
interface FastEthernet1
switchport access vlan 110
!
interface FastEthernet2
switchport access vlan 110
!
interface FastEthernet3
switchport access vlan 110
!
interface Vlan1
no ip address
!
interface Vlan110
ip address 10.0.0.254 255.255.255.0
ip nat inside
no ip virtual-reassembly in
!
interface Dialer0
ip address 220.247.236.140 255.255.255.0
ip mtu 1452
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer string 0000000
dialer-group 1
ppp pap sent-username rm2622896@sltbb password 0 2622896
ppp ipcp dns request
ppp ipcp address accept
!
ip default-gateway 220.247.232.102
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static 10.0.0.100 220.247.236.140
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.1.0 255.255.255.0 10.0.0.1
!
logging esm config
access-list 1 permit 10.0.0.0 0.0.0.255
dialer-list 1 protocol ip permit
!
!
!
!
!
control-plane
!
02-10-2012 12:33 AM
Hi,
can you try this:
int dialer0
no ip mtu 1452
ip mtu 1492
int vlan 110
ip tcp adjust-mss 1452
Regards.
Alain
02-10-2012 02:01 AM
Hi Aliain,
Thank you very much, i'll check it and let you know.
Anyway is there any problem with my NAT rule? i have only one public ip that i have to use for email server access like i mention on the config.
if i use nat command with "extendable" key word what is the differnt?
thank you
Chandimal.K
02-10-2012 02:24 AM
Hi,
The extendable keyword is used when you have ambiguous translations like for example you are natting the same service on 2 different public IPs when doing dual ISPs for redundancy/failover.
Regards.
Alain
02-12-2012 07:08 PM
Hi,
Thank you Alain, Is there any other problem with my configuration? I have change the configuration as you told but problem still same. Still some web sites cant access via this ADSL router. Therefore can yu please check my configuration one by one , I really appreciate.
For example:
I have mention the my public ip address on interface Dialer0, is it ok?
“interface Dialer0
ip address 220.247.236.140 255.255.255.0”
also I have mention my public ip address on static nat, without putting “interface Dialer0” is is right?
“ ip nat inside source static 10.0.0.100 220.247.236.140”
Please if any one have some quality time, check my configuration and help me
Thank you,
Chandimal.K
02-13-2012 01:23 AM
Hi,
I don't see any problem in your config and if you said you made the changes I proposed then it must another problem.
Can you sniff the interface of the PC wile trying to browse the URLs which aren't working and post the capture file here
Can you also verify is NAT is working ok for these sites: debug ip nat along with sh ip nat trans
Regards.
Alain
02-14-2012 07:11 PM
Hi Alain,
Thank you very much sir, your solution works. So its due to the mtu size problem. So agine thank you very much for your knowledge sharing.
Chandimal.K
02-15-2012 01:36 AM
Hi,
Don't forget to rate helpful posts and to mark the thread as solved.
Regards.
Alain
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide