Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
963
Views
0
Helpful
7
Replies

Cannot access DNS/Internet from 1921

murtuzakazmi
Level 1
Level 1

‎01-11-2013 10:40 AM - edited ‎03-04-2019 06:41 PM

Hello Experts,

I have been playing around with a 1921/K9 router in our dev environment. It's been about 24 hours and I just can't seem to get it to work. My DHCP Server is working hence my internal network is getting IP address as desired. But Router doesn't seem to connect to internet for some reason.

I am trying to make it a internet facing router with static IP address (67.210.209.113). LAN side of this router will be our .11 Network which is our Dev Network.

Here is some network information:

WAN:

Interface IP: 67.210.111.111

Default Gateway: 67.210.111.222 (I can ping this address through router)

tlm1921A-11A#ping 67.210.111.222

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 67.210.111.222, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

LAN:

Interface IP: 192.168.11.1

Network: 192.168.11.0/24

I cannot ping google.com OR 8.8.8.8 from the router

I am connected to the router through COM as well as CPP.

If any one of you can help me out - I would really really appreciate it.

King regards,

Murtuza

Here is my run file. Some settings might be a little messed up as I have been trying different guides and methods to get this up and running !!

hostname tlm1921A-11A

!

boot-start-marker

boot-end-marker

!

!

aaa new-model

!

!

aaa authentication login default local

aaa authorization exec default local

!

!

!

!

!

aaa session-id common

!

clock timezone PCTime -5 0

clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00

!

no ipv6 cef

ip source-route

no ip routing

no ip cef

!

!

!

ip dhcp excluded-address 192.168.11.1 192.168.11.184

ip dhcp excluded-address 192.168.11.206 192.168.11.254

!

ip dhcp pool 11Network

import all

network 192.168.11.0 255.255.255.0

dns-server 8.8.8.8 4.2.2.2

default-router 192.168.11.1

!

!

ip name-server 8.8.8.8

ip name-server 4.2.2.2

!

multilink bundle-name authenticated

!

crypto pki token default removal timeout 0

!

!

!

interface Embedded-Service-Engine0/0

no ip address

no ip route-cache

shutdown

!

interface GigabitEthernet0/0

description 11WAN$ETH-WAN$

ip address 67.210.111.111 255.255.255.224

ip nat outside

ip virtual-reassembly in

no ip route-cache

duplex auto

speed auto

no mop enabled

!

interface GigabitEthernet0/1

description 11LAN

ip nat inside

ip address 192.168.11.1 255.255.255.0

ip virtual-reassembly in

no ip route-cache

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat pool Pool 10.10.10.1 10.10.10.10 netmask 255.255.255.0

ip route 0.0.0.0 0.0.0.0 67.210.111.222

!

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 192.168.11.0 0.0.0.255

!

!

control-plane

!

!

line con 0

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

password tlmcisco

transport input telnet ssh

transport output telnet ssh

line vty 5 15

transport input telnet ssh

transport output telnet

!

scheduler allocate 20000 1000

end

Labels:
0 Helpful
7 Replies 7

liam onions
Level 1
Level 1

‎01-11-2013 10:44 AM

Try changing dns server too 192.168.11.1.

0 Helpful

murtuzakazmi
Level 1
Level 1
In response to liam onions

‎01-11-2013 10:48 AM

But I can't even reach 8.8.8.8 from the router itself - perhaps it's not finding the right route to go to my Default Gateway 67.210.111.222. Thoughts?

You think changing dns server to a LAN Interface would fix the issue?

0 Helpful

liam onions
Level 1
Level 1
In response to murtuzakazmi

‎01-11-2013 10:54 AM

yeah should be ok once you resolve dns locally.

0 Helpful

liam onions
Level 1
Level 1
In response to murtuzakazmi

‎01-11-2013 10:57 AM

what switch you using ?

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to murtuzakazmi

‎01-12-2013 03:46 AM

Hi,

to be able to ping internet addresses from the router: enter this command in global config mode   ip routing

to do the same from LAN: ip nat inside source list 1  interface g0/0

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Elton Babcock
Level 1
Level 1

‎01-11-2013 02:11 PM

I don't see where you have defined your NAT statement such as:

IP NAT inside source list 1 interface gigabitethernet overload




Sent from Cisco Technical Support iPhone App

0 Helpful

paul driver
VIP
VIP

‎01-12-2013 10:58 AM

Hello Murtuza,

A few things -

1) do you really have a allocation of 32 public addreses?

2) your public assigned ip address isnt NOT in the same subnet range has the gateway you have stated
3 your nat pool isnt in the same range as the isp range

4) misssing nat statement to bind the nat pool with acl  1 and inside nat

to test connectivity before applying nat etc  , can you try-

1)removing nat statement from gig0/0

2)enable ip routing
3)add a default static route towards your ISP router lan ip address ( whatever this is)
4)try sourcing the icmp test from a specified interface of G0/0

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card