09-12-2013 09:54 PM - edited 03-04-2019 09:01 PM
Hi..
I have cisco 2911 series router.I am trying to do a simple router set up.
My ISP provide me following IP addresses with single physical connection.
Primary WAN IP: 58.xx.xxx.6 255.255.255.252 Gateway: 58.xx.xxx.5
and
Secondary WAN IP: 58.xx.xx.2 255.255.255.248 Gateway: 58.xx.xx.1
58.xx.xx.3 255.255.255.248 Gateway: 58.xx.xx.1
58.xx.xx.4 255.255.255.248 Gateway: 58.xx.xx.1
LAN IP addresses: 27.xxx.xxx.66 255.255.255.248 Gateway: 27.xxx.xxx.65
27.xxx.xxx.67 255.255.255.248 Gateway: 27.xxx.xxx.65
27.xxx.xxx.68 255.255.255.248 Gateway: 27.xxx.xxx.65
27.xxx.xxx.69 255.255.255.248 Gateway: 27.xxx.xxx.65
27.xxx.xxx.70 255.255.255.248 Gateway: 27.xxx.xxx.65
I have configured
interface GigabitEthernet0/1
ip address 58.xx.xx.2 255.255.255.248 secondary
ip address 58.xx.xxx.6 255.255.255.252
interface GigabitEthernet0/0
ip address 27.xxx.xxx.65 255.255.255.248
IP route i configured is
ip route 0.0.0.0 0.0.0.0 58.xx.xxx.5
ip route 0.0.0.0 0.0.0.0 58.xx.xx.1
Now ip address 27.xxx.xxx.64/29 is working properly. but i am not able to use 58.xx.xx.3,58.xx.xx.4 the ISP provided IP addresses.
I can ping from the Router2911 to 58.xx.xx.1.
I cannot ping from the PC to 58.xx.xx.1
Simply, I want to use secondary WAN IP addresses (58.xx.xx.3,58.xx.xx.4) on my local PC.
The problem I am having is that it is not routing and I cannot see what I am missing.
Here is my current router configiration...
Building configuration...
Current configuration : 1420 bytes
!
! Last configuration change at 14:34:40 UTC Thu Sep 12 2013
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Cisco_Router
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 tS/M3box6xxvJmxx7SPxxyQHEgxxMtxxxPfeTxnxx0E
!
no aaa new-model
!
ip cef
!
!
!
!
!
!
ip name-server 202.xxx.xxx.x
ip name-server 202.xxx.xxx.x
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2911/K9 sn FGLxxx11xxG
!
!
username cisco privilege 15 password 7 15xxx21Fxx25xx7Dxx62
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 27.xxx.xxx.65 255.255.255.248
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 58.xx.xx.2 255.255.255.248 secondary
ip address 58.xx.xxx.6 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 58.xx.xxx.5
ip route 0.0.0.0 0.0.0.0 58.xx.xx.1
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password 7 070xxx5Fxx06xx5Cxx43
login
transport input all
!
scheduler allocate 20000 1000
!
end
09-13-2013 12:36 AM
Hi,
IMHO, it has no sense to configure
interface GigabitEthernet0/1
ip address 58.xx.xxx.5 255.255.255.252
and
ip route 0.0.0.0 0.0.0.0 58.xx.xxx.5
at the same time.
According to your ISP provided info
Primary WAN IP: 58.xx.xxx.6 255.255.255.252 Gateway: 58.xx.xxx.5
you shoud configure
nterface GigabitEthernet0/1
ip address 58.xx.xxx.6 255.255.255.252
on your router.
Also I don't uderstand the purpose of secondary WAN IP towards your ISP?
Best regards,
Milan
09-13-2013 12:52 AM
There are a couple of things going wrong in your setup in addition to the misconfiguration pointed out by Milan.
First, use the /30 network as a pure transfer network to your ISP:
interface GigabitEthernet0/1
ip address 58.xx.xxx.6 255.255.255.252
!
ip route 0.0.0.0 0.0.0.0 58.xx.xxx.5
Then tell you provider to route the network 58.xx.xx.0 255.255.255.248 (where xx.xx is hopefully a different xx.xx then the one on gig0/1; it wouldn't make any sense otherwise) to your IP 58.xx.xx.6. Now you can use this network in your local LAN. For example with the following config:
interface GigabitEthernet0/0
ip address 27.xxx.xxx.65 255.255.255.248
ip address 58.xx.xx.2 255.255.255.248 secondary
Or you can use the two networks on different VLANs that you split on your switch:
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 27.xxx.xxx.65 255.255.255.248
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 58.xx.xx.2 255.255.255.248 secondary
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
09-13-2013 02:06 AM
Hi Karsten,
As per your suggestions, i have configured my router. now i am waiting for my ISP reply.
Thank you very much. i will get back on this later.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide