Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
403
Views
15
Helpful
5
Replies

Can someone help me?

bob_0000
Level 1
Level 1

‎10-15-2019 02:36 AM

Hello everyone,

 

I am new to networking using the cisco CLI and I have a question. I am trying to do a basic setup for the Cisco 800 series and I am having trouble using internet on my laptop. I get a ip address 192.168.50.3 and with the right lease time. 

 

Here is my running-config

 

Building configuration...

Current configuration : 997 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
!
!
no ip source-route
!
!
!
ip dhcp pool algemeen
network 192.168.50.0 255.255.255.0
default-router 192.168.50.1
!
!
ip cef
ip name-server 8.8.8.8
ip name-server 4.4.4.4
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
duplex half
speed 100
!
interface FastEthernet1
!
interface FastEthernet2
duplex half
speed 100
!
interface FastEthernet3
!
interface FastEthernet4
ip address dhcp
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.50.1 255.255.255.0
!
no ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
login
!
scheduler max-task-time 5000
end

 

thanks in advance. What am i doing wrong

Labels:
0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎10-15-2019 03:14 AM

Hello,

 

make the changes/additions marked in bold:

 

Building configuration...

Current configuration : 997 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
!
!
no ip source-route
!
ip dhcp excluded-address 192.168.50.1
!
ip dhcp pool algemeen
network 192.168.50.0 255.255.255.0
default-router 192.168.50.1
dns-server 8.8.8.8 4.4.4.4
!
ip cef
ip name-server 8.8.8.8
ip name-server 4.4.4.4
no ipv6 cef
!
multilink bundle-name authenticated
!
archive
log config
hidekeys
!
interface FastEthernet0
duplex half
speed 100
!
interface FastEthernet1
!
interface FastEthernet2
duplex half
speed 100
!
interface FastEthernet3
!
interface FastEthernet4
ip address dhcp
ip nat outside
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.50.1 255.255.255.0
ip nat inside
!
no ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet4 dhcp
!
access-list 1 permt 192.168.50.0 0.0.0.255
!
control-plane
!
line con 0
no modem enable
line aux 0
line vty 0 4
login
!
scheduler max-task-time 5000
end

Deepak Kumar
VIP Alumni
VIP Alumni

‎10-15-2019 05:29 AM

Hi,

Below are the changes:

 

ip dhcp pool algemeen
network 192.168.50.0 255.255.255.0
default-router 192.168.50.1

dns-server 8.8.8.8 4.4.4.4

!

interface FastEthernet4
ip address dhcp
duplex auto
speed auto

ip nat outside
!
interface Vlan1
ip address 192.168.50.1 255.255.255.0

Ip nat inside

!

ip route 0.0.0.0 0.0.0.0 FastEthernet4 dhcp
!
access-list 99 permt 192.168.50.0 0.0.0.255

!

ip nat inside source list 99 interface FastEthernet4 overload

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

paul driver
VIP
VIP

‎10-15-2019 05:48 AM - edited ‎10-15-2019 05:51 AM

Just like to add

if this router is internet facing suggest at the very least you apply some iOS security to it like a context based access list or zone based firewall if the iOS supports it

The good thing is Cisco provides very simplistic way to secure your router if you don’t know your way around the cli and is to use the inbuilt security macro which will secure you rtr when attaching directly to an unsecured link such as the internet

 

type the below and follow the instructions:

auto secure full 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen
VIP
VIP
In response to paul driver

‎10-15-2019 07:45 AM

On a side note, is that feature available on the 800 series ? I thought it required an XE release, not sure about that though...

0 Helpful

paul driver
VIP
VIP
In response to Georg Pauwen

‎10-15-2019 02:02 PM - edited ‎10-15-2019 02:03 PM

@Georg Pauwen 

@Georg Pauwen wrote:

On a side note, is that feature available on the 800 series ? I thought it required an XE release, not sure about that though...

FYI-

CCO States

Cisco AutoSecure is available in Cisco IOS Software Major Release 12.3 and subsequent 12.3 T releases for the Cisco 800, 1700, 2600, 3600, 3700, 7200, and 7500 Series routers.

 

 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card