Solved: Re: Business Case for Cisco Intelligent WAN

maani · ‎01-15-2019

Hi,

Everyone, I'm configuring Cisco 1841 Router with ISP provided Public IPs. Everything is working. Just wondering how can i assign GW & DNS in WAN Interface. Right now i've put GW & DNS servers in DHCP server which is assigning to LAN clients & Internet is working. But i know this isn't the proper way. Anybody can help??

lets say 111.111.111.12 is my public IP

GW 111.111.111.14 is Gateway

DNS: 8.8.8.8

pasting my show run....

EdgeRouter#show run

Building configuration...

Current configuration : 1485 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname EdgeRouter

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$18P8$zophbkZPasse7890xZID50

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef

!

ip dhcp excluded-address 192.168.2.1 192.168.2.10

!

ip dhcp pool Local

network 192.168.2.0 255.255.255.0

default-router 111.111.111.14

dns-server 84.235.6.55 84.235.57.230

!

no ip domain lookup

ip ips po max-events 100

no ftp-server write-enable

!

no crypto isakmp ccm

!

interface FastEthernet0/0

ip address 111.111.111.12 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 192.168.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 111.1111.111.14

!

ip dns server

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface FastEthernet0/0 overload

!

access-list 1 permit 192.168.2.0 0.0.0.255

!

control-plane

!

banner login ^Cine

Your Activity is being Monitored ^C

!

line con 0

password 7 110A1016141D

login

line aux 0

line vty 0 4

privilege level 15

password 7 0132202A7A26260635624B1D0E0A05194F58566B

login

line vty 5 15

privilege level 15

password 7 0132202A7A26260635624B1D0E0A05194F58566B

login

!

end

EdgeRouter#

Richard Burts · ‎01-15-2019

Let me try again. The GW provided by your ISP is used in your static default route. Just to be sure is this the GW that you are talking about

ip route 0.0.0.0 0.0.0.0 111.1111.111.14

If this is the GW you are talking about then this route is how you use it.

Let me try to explain something else. You have mentioned several times wanting to configure DNS and gateway on your WAN interface. But you do not configure DNS or gateway on an interface. On the interface you configure an IP address and a mask. You might configure some DNS that uses the WAN interface but you do not configure that DNS on the interface itself. Similar you might configure a gateway that uses the WAN interface. But you do not configure the gateway on the interface.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎01-15-2019

I am not clear what you are really asking when you say

how can i assign GW & DNS in WAN Interface

Since you have configured a static default route whose next hop is out the WAN interface I would interpret that as assigning GW for the WAN interface. Did you mean something else?

I see that you have DNS configured in the DHCP pool (and note that it is different from the DNS that you mention in asking your question). So that DNS would be used by clients who obtain their address using DHCP. It would not be used by the router itself. If you want the router to use DNS you would need to configure a DNS server for the router to use.

There is an issue in the DHCP pool in your config. You have this

default-router 111.111.111.14

But the DHCP default router should be the router in the subnet used by DHCP. So for your config the default router should be 192.168.2.1.

HTH

Rick

HTH

Rick

maani · ‎01-15-2019

You're absolutely right. I understand that also. Let me rephrase my issue. I want to configure this router as any other Small Business or home routers. Where you've WAN interface and on that interface you can configure STATIC IP With GW with DNS etc. This would made my question more simple.

2- Ok i got it my gateway is wrong. Then where should i put the GW Provided by the ISP??
3- Right now Purpose of this Router is to just serve Internet for LAN clients. And they have now Public IPs as its being used for business. In future they'll need VPN & Web server etc.

Hope you would guide me right.

xAdventix · ‎01-15-2019

Just as an add-on, I'm assuming you're ISP hasn't provided a /24 of IP's for you? Make sure you put the right subnet as a mismatch in subnets has the potential to cause nasty performance issues from my experience.

maani · ‎01-15-2019

Of course i was surprised too. We're already in conversation with them for /24 subnet issue. They'll provide correct subnet. Do you have any idea about mentioned issue i asked above??

xAdventix · ‎01-15-2019

Richard has covered everything that I could possibly cover...DNS is done via DHCP which is the correct way of implementation, the only other DNS you could implement is directly on the router, but as Richard already covered you'd need to directly configure the DNS servers onto the router but this won't help your internal network. Your default gateway is 100% incorrect as it should be in the same subnet as you're local IP's, so as Richard said, change it to the default gateway of FastEthernet0/1 (192.168.2.1).

If you could clarify what points we are missing, then I'd be happy to try and advise further.

Richard Burts · ‎01-15-2019

One more thing to point out. This line from the config

ip dns server

sets up the router to act as a dns server, which clients might use. If the router is being set up to act as dns server itself then it is even more important that the router be configured with a dns server to use. It might look something like

ip name-server 8.8.8.8

If you do not intend for clients to use the router as a dns server then remove the ip dns server command from the config.

HTH

Rick

HTH

Rick

maani · ‎01-15-2019

Very good idea. Yes, you're right i want to use Router as DNS server too.

Richard Burts · ‎01-15-2019

OK if you do want to use the router as DNS server then leave the command ip dns server in the config and add at least one DNS server for the router to use with ip name-server command.

I tried to explain the GW definition for the router but apparently was not clear. So let me try again. You specify the gateway address provided by the ISP in the static default route that you configured

ip route 0.0.0.0 0.0.0.0 111.1111.111.14

that gateway address does not go into your DHCP pool configuration.

Do I understand correctly that the devices connected in your LAN will all have public IP addresses? If so then you do not need address translation configured on your router.

HTH

Rick

HTH

Rick

maani · ‎01-15-2019

ip route 0.0.0.0 0.0.0.0 111.1111.111.14

that gateway address does not go into your DHCP pool configuration.

>> Ok i got it. What should i do with Public GW Provided by the ISP??

xAdventix · ‎01-15-2019

What IP was provided for the public GW? It should be 111.111.111.14 ?

maani · ‎01-15-2019

Yes, i didn't mentioned original IP's due to security reasons. Lets suppose this is our GW Provided by ISP.

maani · ‎01-15-2019

GW is 111.111.111.12

IP is: 111.111.111.14

Richard Burts · ‎01-15-2019

Let me try again. The GW provided by your ISP is used in your static default route. Just to be sure is this the GW that you are talking about

ip route 0.0.0.0 0.0.0.0 111.1111.111.14

If this is the GW you are talking about then this route is how you use it.

Let me try to explain something else. You have mentioned several times wanting to configure DNS and gateway on your WAN interface. But you do not configure DNS or gateway on an interface. On the interface you configure an IP address and a mask. You might configure some DNS that uses the WAN interface but you do not configure that DNS on the interface itself. Similar you might configure a gateway that uses the WAN interface. But you do not configure the gateway on the interface.

HTH

Rick

HTH

Rick

maani · ‎01-15-2019

Thank you Mr. Richard,

I hope i'm not irritating you. Yes you're right. My stupid question was can we configure GW & DNS on an interface which is now NO. For sure. Ok Then i also got the answer how Router can be configured as DNS server. Fine.

Last Question is How about GW Provided by ISP?? it can be used or just leave it. Just use Public IP on WAN interface & configure Router as DNS server, Correct the DHCP Pool and all set??