Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1117
Views
5
Helpful
12
Replies

Cisco 1100 behind existing router

Go to solution
alexander2003
Level 1
Level 1

‎03-09-2022 10:11 AM - last edited on ‎03-14-2022 12:37 PM by Community Manager

Hello,
I currently have a problem configuring it Cisco 1100 behind an existing modem.

The IP of the existing modem is 192.168.0.1

I have connected the Cisco 1100 via LAN the modem. The interface has the IP 192.168.0.99.

I have also set up the IP route, however I am not able to ping other devices.

Can anyone help me or tell me where the error is? Do I need NAT? Unfortunately I cannot set the existing router to bridge mode.

My goal would have been to connect the Cisco 1100 to the existing modem via the Gig0/0/0 interface. The LAN ports Gig0/1/0-7 should all be in VLAN 1 with the network 10.10.1.0.

I am 18 years old and new to the Cisco world. Would be very grateful for any help.

 

Config:

 

version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname CiscoRouter
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$OBcO$UZPJhYt7xrDQwWIE4Y6l.1
!
no aaa new-model
!
!
ip dhcp pool lan-pool1
 network 10.10.1.0 255.255.255.0
 default-router 10.10.1.1
 dns-server 8.8.8.8
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-3433423209
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3433423209
 revocation-check none
 rsakeypair TP-self-signed-3433423209
!
!
crypto pki certificate chain TP-self-signed-3433423209
!
!
license udi pid C1111-8P sn FCZ2240122N
!
diagnostic bootup level minimal
spanning-tree extend system-id
!
!
!
redundancy
 mode none
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface Loopback0
 no ip address
!
interface GigabitEthernet0/0/0
 ip address 192.168.0.99 255.255.255.0
 negotiation auto
!
interface GigabitEthernet0/0/1
 no ip address
 negotiation auto
!
interface GigabitEthernet0/1/0
 switchport mode access
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface GigabitEthernet0/1/4
!
interface GigabitEthernet0/1/5
!
interface GigabitEthernet0/1/6
!
interface GigabitEthernet0/1/7
!
interface Vlan1
 ip address 10.10.1.1 255.255.255.0
!
ip forward-protocol nd
no ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
!
!
!
!
!
!
control-plane
!
!
line con 0
 transport input none
 stopbits 1
line vty 0 4
 login
!
!
!
!
!
!
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP
In response to alexander2003

‎03-09-2022 01:56 PM - last edited on ‎03-14-2022 12:43 PM by Community Manager

Hello,

 

you are missing this line:

 

-->

ip nat inside source list 1 interface GigabitEthernet0/0/0 overload

View solution in original post

0 Helpful
12 Replies 12

Go to solution
Karsten Iwen
VIP
VIP

‎03-09-2022 10:38 AM - last edited on ‎03-14-2022 12:39 PM by Community Manager

Two options here:

1) If your Modem/Router supports it, configure it with a static route for 10.10.1.0/24 with a next hop of 192.168.0.99.

2) If it doesn't support static routes, you need to configure NAT/PAT on your router.

The whole problem is that the Modem/router has no idea how to reach the network 10.10.1.0/24.

And you also should remove the route

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0

This one is not needed here.

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-09-2022 10:43 AM - last edited on ‎03-14-2022 12:40 PM by Community Manager

There are some things in your post that are not clear. In some parts you refer the 1100 to be connected to a modem and in other parts you describe it connected to a router. Which is it?

Are you sure that 192.168.0.1 is the correct address of the device that you are connecting to? Can the 1100 ping that address? Perhaps the output of these commands on the 1100 might be helpful

show ip interface brief
show ip route
show arp

You say that you are not able to ping other devices. What devices are these? What are their IP addresses? Are they reached through interface G0/0/0 (on the outside) or are they reached through interface vlan 1?

I have some comments about your configuration.

- You have configured 2 static default routes

ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0

It appears that both of them describe the same forwarding path. You only need one of them. For several reasons I would suggest that you remove the entry that specifies the outbound interface and keep the entry that specifies a next hop address.

- It is not clear whether this modem/router that you connect to is connected to the Internet (seems likely) or is connected to something else (in which case please clarify what it connects to).

# if connected to the Internet then there needs to be Network Address Translation to allow your inside network 10.10.1.0 to access the Internet. Perhaps the modem/router might be able to do that NAT? Or else you will need to configure NAT on your 1100.

# if connected to something else then whatever it is connected to will need routing information about both 10.10.1.0 and perhaps 192.168.0.0

HTH

Rick
0 Helpful

Go to solution
alexander2003
Level 1
Level 1
In response to Richard Burts

‎03-09-2022 11:06 AM

Thank you for the quick reply.
The Cisco 1100 is connected to a router, which is also responsible for Internet access, so it is directly connected to the Internet. The IP address of the router is 192.168.0.1.

The IP address can also be pinged from the 1100. However, it is not possible to ping another computer on the 192.168.0 network.

How do I set up NAT on the 1100? Internface gig0/0/0 is my ip nat outside. But what is my IP nat inside? In that case all my ports (0/1/0-7) would be my ip nat inside?

 

Thanks

 

Unbenannt.PNG

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎03-09-2022 12:21 PM - last edited on ‎03-14-2022 12:42 PM by Community Manager

Hello,

 

make the changes marked in bold:

 

version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname CiscoRouter
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$OBcO$UZPJhYt7xrDQwWIE4Y6l.1
!
no aaa new-model
!
--> ip dhcp excluded-address 10.10.1.1
!
ip dhcp pool lan-pool1
network 10.10.1.0 255.255.255.0
default-router 10.10.1.1
dns-server 8.8.8.8
!
subscriber templating
!
multilink bundle-name authenticated
!
crypto pki trustpoint TP-self-signed-3433423209
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3433423209
revocation-check none
rsakeypair TP-self-signed-3433423209
!
crypto pki certificate chain TP-self-signed-3433423209
!
license udi pid C1111-8P sn FCZ2240122N
!
diagnostic bootup level minimal
spanning-tree extend system-id
!
redundancy
mode none
!
vlan internal allocation policy ascending
!
interface Loopback0
no ip address
!
interface GigabitEthernet0/0/0
ip address 192.168.0.99 255.255.255.0
--> ip nat outside
negotiation auto
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/1/0
switchport mode access
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface GigabitEthernet0/1/4
!
interface GigabitEthernet0/1/5
!
interface GigabitEthernet0/1/6
!
interface GigabitEthernet0/1/7
!
interface Vlan1
ip address 10.10.1.1 255.255.255.0
--> ip nat inside
!
ip forward-protocol nd
no ip http server
ip http secure-server
--> ip nat inside source list 1 interface GigabitEthernet0/0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.0.1
--> no ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
!
--> access-list 1 permit 10.10.1.0 0.0.0.255
!
control-plane
!
line con 0
transport input none
stopbits 1
line vty 0 4
login
!
end
!
0 Helpful

Go to solution
alexander2003
Level 1
Level 1
In response to Georg Pauwen

‎03-09-2022 12:53 PM

Thanks for the answer.  
I have made the changes.

 

Now I can send a ping directly from the router to google.com, etc..

But now when I connect my PC it gets the IP address 10.10.1.2 but I can't ping to 192.168.0.1 or open a page.

 

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to alexander2003

‎03-09-2022 01:44 PM

Hello,

 

can your PC ping 192.168.0.99 ?

0 Helpful

Go to solution
alexander2003
Level 1
Level 1
In response to Georg Pauwen

‎03-09-2022 01:47 PM

Yes, I can ping 192.168.0.99 from the PC. 

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to alexander2003

‎03-09-2022 01:50 PM

Hello,

 

post the running configuration again with the changes you have made.

0 Helpful

Go to solution
alexander2003
Level 1
Level 1
In response to Georg Pauwen

‎03-09-2022 01:54 PM - last edited on ‎03-14-2022 12:43 PM by Community Manager

Attached is the current config.
Thanks a lot!

 

 

version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname CiscoRouter
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$OBcO$UZPJhYt7xrDQwWIE4Y6l.1
!
no aaa new-model
!
ip dhcp excluded-address 10.10.1.1
!
ip dhcp pool lan-pool1
network 10.10.1.0 255.255.255.0
default-router 10.10.1.1
dns-server 8.8.8.8
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-3433423209
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3433423209
revocation-check none
rsakeypair TP-self-signed-3433423209
!
!
crypto pki certificate chain TP-self-signed-3433423209
!
!
license udi pid C1111-8P sn FCZ2240122N
!
diagnostic bootup level minimal
spanning-tree extend system-id
!
!
!
redundancy
mode none
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface Loopback0
no ip address
!
interface GigabitEthernet0/0/0
ip address 192.168.0.99 255.255.255.0
ip nat outside
negotiation auto
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/1/0
switchport mode access
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface GigabitEthernet0/1/4
!
interface GigabitEthernet0/1/5
!
interface GigabitEthernet0/1/6
!
interface GigabitEthernet0/1/7
!
interface Vlan1
ip address 10.10.1.1 255.255.255.0
ip nat inside
!
ip forward-protocol nd
no ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.0.1
!
!
access-list 1 permit 10.10.1.0 0.0.0.255
!
!
!
!
control-plane
!
!
line con 0
transport input none
stopbits 1
line vty 0 4
login
!
!
!
!
!
!
end
0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to alexander2003

‎03-09-2022 01:56 PM - last edited on ‎03-14-2022 12:43 PM by Community Manager

Hello,

 

you are missing this line:

 

-->

ip nat inside source list 1 interface GigabitEthernet0/0/0 overload
0 Helpful

Go to solution
alexander2003
Level 1
Level 1
In response to Georg Pauwen

‎03-09-2022 02:05 PM

Now it works!
Thanks a lot!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card