I am still relatively new at this but could someone give me a hand with the ASR901 config? I can get a DHCP address from the ASR but still can get to the internet
Current configuration : 4101 bytes
!
! Last configuration change at 21:17:54 PDT Fri Jun 27 2014
!
version 15.6
no service pad
service timestamps debug datetime msec
service timestamps log datetime localtime show-timezone
service password-encryption
!
hostname ASR901
!
boot-start-marker
boot-end-marker
!
!
logging buffered 524288
!
aaa new-model
!
!
aaa authentication enable default none
aaa authentication ppp default local
aaa authorization exec default none
aaa authorization commands 0 default none
aaa authorization commands 15 default none
!
!
!
!
!
aaa session-id common
clock timezone PST -8 0
clock summer-time PDT recurring
no ip source-route
ip cef
!
ip dhcp bootp ignore
!
ip dhcp pool 10.1.1.0/24
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
domain-name mdew.local
dns-server 10.1.1.1
!
!
!
no ip bootp server
ip domain name mdew.local
no ipv6 cef
!
!
!
!
!
!
!
multilink bundle-name authenticated
l3-over-l2 flush buffers
asr901-storm-control-bpdu 1000
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
license udi pid A901-12C-F-D sn CAT2047U0WX
license boot level AdvancedMetroIPAccess
username admin privilege 15 password 7 15352B1E002F25256B6A6C
bridge-domain 10
bridge-domain 11
!
cdp run
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/1
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/3
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/4
no ip address
shutdown
media-type auto-select
negotiation auto
!
interface GigabitEthernet0/5
description WAN Interface
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
negotiation auto
cdp enable
service instance 10 ethernet
description DIA WAN Subinterface
encapsulation untagged
ip access-group Internet-IN in
bridge-domain 10
!
!
interface GigabitEthernet0/6
no ip address
shutdown
media-type auto-select
negotiation auto
!
interface GigabitEthernet0/7
description DIA LAN Port
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
negotiation auto
service instance 11 ethernet
description DIA LAN
encapsulation untagged
bridge-domain 11
!
!
interface GigabitEthernet0/8
no ip address
shutdown
negotiation auto
qos-config scheduling-mode min-bw-guarantee
!
interface GigabitEthernet0/9
no ip address
shutdown
negotiation auto
qos-config scheduling-mode min-bw-guarantee
!
interface GigabitEthernet0/10
no ip address
shutdown
negotiation auto
qos-config scheduling-mode min-bw-guarantee
!
interface GigabitEthernet0/11
no ip address
shutdown
negotiation auto
qos-config scheduling-mode min-bw-guarantee
!
interface FastEthernet0/0
no ip address
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
description DIA WAN
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
!
interface Vlan11
description DIA LAN
ip address 10.1.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
!
interface Vlan100
no ip address
shutdown
!
ip nat inside source static 10.0.0.0 interface Vlan100
ip nat inside source list NAT interface Vlan10 overload
no ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip dns server
ip ssh port 8022 rotary 1
ip ssh version 2
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ip access-list extended Internet-IN
deny udp any any eq domain
deny tcp any any eq domain
permit ip any any
ip access-list extended NAT
deny udp any any eq domain
deny tcp any any eq domain
permit ip any any
ip access-list extended SSH
!
!
!
!
!
!
control-plane
!
environment monitor
!
line con 0
logging synchronous
line vty 0 4
access-class SSH in
logging synchronous
rotary 1
transport input ssh
line vty 5 15
access-class SSH in
logging synchronous
rotary 1
transport input ssh
!
exception crashinfo buffersize 128
!
!
end
ASR901#ping 166.246.200.2** source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 166.246.200.2**, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 220/234/252 ms
ASR901#sho ip na
ASR901#sho ip nat tr
ASR901#sho ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 192.168.0.179:1024 10.1.1.1:11 166.246.200.2**:11 166.246.200.2**:1024
ASR901#sho arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.1.1.1 - 286f.7f9e.1718 ARPA Vlan11
Internet 10.1.1.2 0 9ceb.e849.b474 ARPA Vlan11
Internet 192.168.0.1 0 2a30.4440.1ced ARPA Vlan10
Internet 192.168.0.179 - 286f.7f9e.1718 ARPA Vlan10
ASR901#sho ip int br
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES unset administratively down down
GigabitEthernet0/1 unassigned YES unset administratively down down
GigabitEthernet0/2 unassigned YES unset administratively down down
GigabitEthernet0/3 unassigned YES unset administratively down down
GigabitEthernet0/4 unassigned YES unset administratively down down
GigabitEthernet0/5 unassigned YES manual up up
GigabitEthernet0/6 unassigned YES unset administratively down down
GigabitEthernet0/7 unassigned YES manual up up
GigabitEthernet0/8 unassigned YES unset administratively down down
GigabitEthernet0/9 unassigned YES unset administratively down down
GigabitEthernet0/10 unassigned YES unset administratively down down
GigabitEthernet0/11 unassigned YES unset administratively down down
FastEthernet0/0 unassigned YES unset administratively down down
Vlan1 unassigned YES unset administratively down down
Vlan10 192.168.0.179 YES DHCP up up
Vlan11 10.1.1.1 YES manual up up
Vlan100 unassigned YES unset administratively down down
