Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2904
Views
0
Helpful
17
Replies

Basic Internet Routing Configuration Help -- Cisco 2811

NgoJohn01
Level 1
Level 1

‎09-29-2014 08:44 PM - edited ‎03-04-2019 11:51 PM

Hi everyone,

I want to start by saying that I brought a Cisco 2811 Router to use at home and to practice advanced networking with. So far, I believe I've configured everything as it should be, however, I am not getting any internet connection.

DHCP is set up and working properly, I can lease addresses without issue.
Both interfaces are configured, fe0/1 with a static IP, and fe0/0 as a DHCP client.

I have connected fe0/0 directly to the Cable modem and it acquires an IP without issue. Connecting my laptop directly into fe0/1 allows my laptop to lease an IP from the router's DHCP server. So I know everything up to there is working properly. I've set up NAT as best I can with what I know, but I am still not getting the router to provide internet access. 

The following is my Router's Configuration. Does anything seem to be missing? I used Configuration Professional to set it up.

------------Begin Configuration-------------


Building configuration...


Current configuration : 2570 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Network
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 10 log
security passwords min-length 6
no logging buffered
logging console critical
enable secret 5 $1$4FJS$RQUEiWuTaMOAGhVx1O1Du0
enable password 7 046F03070C291D175F40
!
aaa new-model
!
!
aaa authentication login local_auth local
!
!
aaa session-id common
dot11 syslog
no ip source-route
no ip routing
no ip gratuitous-arps
!
!
no ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.100.1
!
ip dhcp pool Network
   import all
   network 192.168.100.0 255.255.255.0
   dns-server 4.2.2.2 4.2.2.1 
   lease 7
!
!
no ip bootp server
ip domain name Network
ip name-server 4.2.2.2
ip name-server 4.2.2.1
login block-for 5 attempts 5 within 1
!
multilink bundle-name authenticated
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username Admin password 7 1526035D5D7C72252B3B
archive
 log config
  hidekeys

!
!
!
!
!
!
!
interface FastEthernet0/0
 description $ETH-WAN$
 ip address dhcp client-id FastEthernet0/0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 no ip route-cache
 duplex full
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 ip address 192.168.100.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 duplex full
 speed auto
 no mop enabled
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
ip nat pool Network 192.168.100.1 192.168.100.254 netmask 255.255.255.0
ip nat inside source list 101 interface FastEthernet0/0 overload
!
!
logging trap debugging
logging facility local2
access-list 100 permit udp any any eq bootpc
access-list 101 remark INTERNET ACCESS THROUGH NAT
access-list 101 remark CCP_ACL Category=2
access-list 101 permit ip 192.168.100.0 0.0.0.255 any
dialer-list 1 protocol ip permit
snmp-server community public RO
no cdp run
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
banner motd ^C Welcome! ^C
!
line con 0
 login authentication local_auth
 transport output telnet
line aux 0
 exec-timeout 15 0
 login authentication local_auth
 transport output telnet
line vty 0 4
 password 7 107D0C1A10051B1F15
 login authentication local_auth
 transport input telnet
!
scheduler allocate 20000 1000
!
end

------------------End Configuration-------------------

 

Does anything seem amiss? Thank you all in advance for your help!

John

Labels:
0 Helpful
17 Replies 17

Richard Burts
Hall of Fame
Hall of Fame
In response to johnlloyd_13

‎10-02-2014 05:11 AM

John

 

ip routing was the major issue and I am glad that it is now cleared up. Things look much better on the router now.

The ping demonstrates that the router does have Internet access. If the PCs connected to the network do not have Internet access it might be caused by not having the correct default gateway or it might be caused by not having DNS. John Lloyd has made good suggestions that cover both of these issues.

 

If there is still a problem after you do what John suggests then I would ask you to do a tracert from a PC to an Internet destination (specifying it by name) and then another tracert from a PC to an Internet destination (specifying it by IP address).

 

HTH

 

Rick

HTH

Rick
0 Helpful

NgoJohn01
Level 1
Level 1
In response to Richard Burts

‎10-02-2014 07:27 AM

Hi Again,

I sent

dhcp pool Network

default-router 192.168.100.1

to the router and wrote it to config. I still didn't have internet access at first, so I followed John's tip and hooked up my machine to an old Catalyst 2849G switch I had laying around. The switch has no settings, just gets an ip from the router and does its own thing. After doing so, I do now have internet access. I'm using it to post this reply in fact.

Here are the results of ipconfig /all on my Ethernet NIC on my machine before even having the switch:
 

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : hsd1.ut.comcast.net.
   Description . . . . . . . . . . . : Intel(R) Ethernet Connection I217-LM
   Physical Address. . . . . . . . . : 54-EE-75-27-6F-06
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7cdd:83b5:e603:127e%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.100.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, October 02, 2014 7:57:10 AM
   Lease Expires . . . . . . . . . . : Thursday, October 09, 2014 7:57:10 AM
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 192.168.100.1
   DHCPv6 IAID . . . . . . . . . . . : 290778741
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-B2-3D-AF-54-EE-75-27-6F-06

   DNS Servers . . . . . . . . . . . : 75.75.76.76
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled

It seems everything was working as it should, but I didn't have internet access and windows still reported it as an unknown network.

After hooking up my Switch, Windows reported seeing 'Network' (From my router's host name, I presume?) and once I reset the modem, I had internet access. 

This was a huge learning experience and I am glad to have help from all of you. Is there anything else I can to do optimize my configurations? Also, why didn't I have internet access when directed hooked up to FastEthernet0/1 even though my machine acquired IP's and DNS info?

Here is another copy of the running config with today's changes:

---------------------Begin Configuration------------------------


Building configuration...


Current configuration : 2401 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Network
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 10 log
security passwords min-length 6
logging buffered 4096
logging console critical
enable secret 5 $1$4FJS$RQUEiWuTaMOAGhVx1O1Du0
enable password 7 046F03070C291D175F40
!
aaa new-model
!
!
aaa authentication login local_auth local
!
!
aaa session-id common
dot11 syslog
no ip source-route
no ip gratuitous-arps
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.100.1
!
ip dhcp pool Network
   import all
   network 192.168.100.0 255.255.255.0
   default-router 192.168.100.1 
   lease 7
!
!
no ip bootp server
ip domain name Network
login block-for 5 attempts 5 within 1
!
multilink bundle-name authenticated
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username Admin password 7 1526035D5D7C72252B3B
archive
 log config
  hidekeys

!
!
!
!
!
!
!
interface FastEthernet0/0
 description $ETH-WAN$
 ip address dhcp client-id FastEthernet0/0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 duplex full
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 ip address 192.168.100.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 duplex full
 speed auto
 no mop enabled
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
ip http server
no ip http secure-server
ip nat pool Network 192.168.100.1 192.168.100.254 netmask 255.255.255.0
ip nat inside source list 10 interface FastEthernet0/0 overload
!
!
logging trap debugging
logging facility local2
access-list 10 permit 192.168.100.0 0.0.0.255
access-list 100 permit udp any any eq bootpc
dialer-list 1 protocol ip permit
snmp-server community public RO
no cdp run
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
banner motd ^C Welcome! ^C
!
line con 0
 login authentication local_auth
 transport output telnet
line aux 0
 exec-timeout 15 0
 login authentication local_auth
 transport output telnet
line vty 0 4
 password 7 107D0C1A10051B1F15
 login authentication local_auth
 transport input telnet
!
scheduler allocate 20000 1000
!
end

--------------------------End Configuration-------------------------

 

Let me know if there is anything else you guys need or I should do, I'll be back after classes today. Thanks again!

 

-John

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to NgoJohn01

‎10-02-2014 08:58 AM

John

 

One thing I notice in your output is this

   Default Gateway . . . . . . . . . :

With no default gateway that could be a problem. I suspect that after connecting through the switch the PC did have a default gateway (though I do not have a good explanation of why going through the switch makes much difference - I started to raise the possibility that you were using a straight through Ethernet cable where PC to router would normally need cross over cable but if you learned an IP address that indicates that the cable was working).

 

Here are some things that I notice in your config:

- you have these in the config

enable secret 5 $1$4FJS$RQUEiWuTaMOAGhVx1O1Du0
enable password 7 046F03070C291D175F40

They are redundant and with enable secret in the config enable password would not be used. So you might as well remove it.

- I do not see that you are using this and so it might as well be removed

ip nat pool Network 192.168.100.1 192.168.100.254 netmask 255.255.255.0

- These also are not used and could be removed

access-list 100 permit udp any any eq bootpc
dialer-list 1 protocol ip permit

- This uses the default community string and could make it possible for anyone to access your router using SNMP and learn information. From a security perspective it would be better if you changed "public" to some thing that would not be so easy to guess by outsiders.

 

HTH

 

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents