Hi Jon,

 

I tried with the "ip nat inside source list 1 interface VLAN 8 overload" with no success. Still no Internet on LAN

Hi,

Are you able to successfully ping to 8.8.8.8 from the router console using the source VLAN 8? Which is a device "10.70.70.1"? 

 

Regards,

Deepak Kumar

VOIS_ROUTER#ping 8.8.8.8 source vlan 8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 10.70.70.254
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/20 ms

Yes I'm able to ping

Hello,

 

which physical interface(s) on the ASR are your clients connected to ?

Clients are connected on interface gi0/0 and the WAN port is gi0/7. 

Hello,

 

try and change:

 

interface GigabitEthernet0/0
no ip address
negotiation auto
service instance 1 ethernet
encapsulation untagged
bridge-domain 1

 

to

 

interface GigabitEthernet0/0
no ip address
negotiation auto
service instance 1 ethernet
encapsulation dot1q 1 untagged
bridge-domain 1

Would you post the updated config? Also would you post output of the commands show ip route and show arp?

 

HTH

 

Rick

VOIS_ROUTER#show runn
Building configuration...

Current configuration : 2892 bytes
!
! Last configuration change at 15:55:18 UTC Mon Mar 25 2019
! NVRAM config last updated at 15:54:29 UTC Mon Mar 25 2019
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
asr901-platf-multi-nni-cfm
!
hostname VOIS_ROUTER
!
boot-start-marker
boot-end-marker
!
no aaa new-model
ip cef
!
!
ip dhcp pool vois_pool
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8 8.8.4.4
lease 0 1
!
!
!
ip name-server 8.8.8.8
ip name-server 8.8.4.4
no ipv6 cef
!
!
!
!
!
!
!
multilink bundle-name authenticated
l3-over-l2 flush buffers
!
!
spanning-tree mode pvst
spanning-tree extend system-id
license accept end user agreement
license boot level AdvancedMetroIPAccess
!
!
!
!
!
interface GigabitEthernet0/0
no ip address
negotiation auto
service instance 1 ethernet
encapsulation untagged
bridge-domain 1
!
!
interface GigabitEthernet0/1
no ip address
negotiation auto
service instance 2 ethernet
encapsulation untagged
bridge-domain 2
!
!
interface GigabitEthernet0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/3
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/4
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/5
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/6
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/7
no ip address
negotiation auto
service instance 8 ethernet
encapsulation untagged
bridge-domain 8
!
!
interface GigabitEthernet0/8
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/9
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/10
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/11
no ip address
shutdown
negotiation auto
!
interface TenGigabitEthernet0/0
no ip address
shutdown
!
interface TenGigabitEthernet0/1
no ip address
shutdown
!
interface FastEthernet0/0
no ip address
shutdown
!
interface Vlan1
ip address 192.168.20.1 255.255.255.0
!
interface Vlan8
ip address 10.70.70.254 255.255.250.0
ip nat outside
!
ip nat inside source list 1 interface Vlan8 overload
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.70.70.1
!
access-list 1 permit 192.168.20.0 0.0.0.255
!
!
!
control-plane
!
environment monitor
!
!
end

VOIS_ROUTER#







VOIS_ROUTER#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.70.70.1 0 6c3b.6b60.1866 ARPA Vlan8
Internet 10.70.70.3 0 e48d.8c6d.6648 ARPA Vlan8
Internet 10.70.70.254 - f07f.068a.e710 ARPA Vlan8
Internet 192.168.20.1 - f07f.068a.e710 ARPA Vlan1
Internet 192.168.20.2 0 f8a9.639b.2d64 ARPA Vlan1
VOIS_ROUTER#


VOIS_ROUTER#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is 10.70.70.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 10.70.70.1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.70.70.0/24 is directly connected, Vlan8
L 10.70.70.254/32 is directly connected, Vlan8
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, Vlan1
L 192.168.20.1/32 is directly connected, Vlan1
VOIS_ROUTER#


Tried with encapsulation dot1q 1 untagged, but the client cannot get the IP address at all.

Hi,

Can you try with:

!

no ip nat inside source list 1 interface Vlan8 overload

!

Ip access-list standard 2

permit any 

!

ip nat inside source list 2 interface vlan 8 overload

!

 

Regards,

Deepak Kumar

Hi Deepak,
As per the suggestion, I've changed the configuration as following, Still, it is not working.
ip nat inside source list 2 interface Vlan8 overload
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.70.70.1
!
access-list 2 permit any
!

Hi,

Let do more tshoot on client machine:

 

Open CMD and run a command:

1. Ipconfig /all

2. route -4 print

3. tracert 8.8.8.8

 

Share all logs with us.

Regards,

Deepak Kumar

Hi,

One more point:

interface Vlan1
ip address 192.168.20.1 255.255.255.0

IP NAT Inside

!

I think you removed this command. And please verify that 10.10.10.71 is the next-hop address for WAN (default route).

 

Regards,
Deepak Kumar

 

Hello,

 

small detail maybe, but try and add:

 

ip dhcp excluded-address 192.168.20.1

 

to your configuration...