09-14-2015 06:45 AM - edited 03-05-2019 02:18 AM
I am trying to connect my Cisco 1760 router inline so I can use it and practice my ACL's.
I want it to go in this sequence: linksys BEFSX41 firewall router switchport >>>>> Built in FA0/0
port on my 1760 router >>>>>> out the FA1/1 port on the WIC-4ESW card >>>>>>>into the
NIC card on my computer.
I want the internet to pass through the 1760 router and be filtered by the 1760 router with my ACL's.
I can put the ACL's in later, but at this point I really just want end to end connectivity.
Would you look at my show run and other outputs and tell me what may be wrong?
I do not know if I need the dhcp in there. Or if I need a routing protocol like RIP in
there. The Linksys router can perform rip as well if I turn it on in the linksys.
Currently rip is off on the linksys. I have the linksys and the 1760 in the same network of
192.168.1.0 255.255.255.0
the linksys is set to 192.168.1.1 for administration
It starts DHCP at 192.168.1.2 and uses only 100 addresses and goes up to 192.168.1.102
All being in the 255.255.255.0 subnet mask.
You can see from the below output what I have on the 1760 router.
Please help me get the connectivity I need.
I understand I cannot assign I.P. addresses to switchports, so that is a little confusing as
to what to do there. What I.P. address is the NIC on my computer
going to be seeing?
As you can see from the output, it says the words Vlan, but when I do a
show vlans command, it says there are no virtual lans configured.
It is true I do not have any vlans assigned to any interfaces.
Do I have to though?
UPDATE:
I turned one of the switchports on the WIC into a trunk and it did start to work. I was flowing streaming video through it just fine. But minutes later the video stopped and I couldn't access any sites until I connected the Ethernet cables and bypassed the router.
Something dynamic must have been occurring in the router to make it stop allowing traffic through.
Please help me get this setup working.
Jason G
Router1760#show run
Building configuration...
Current configuration : 1547 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router1760
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
tdm clock T1 0/0 both export line
voice-card 0
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.102 192.168.1.253
!
ip dhcp pool love
network 192.168.1.0 255.255.255.0
domain-name melisa.com
default-router 192.168.1.1 255.255.255.0
dns-server 205.171.3.25
lease 30 2 7
!
!
no ip domain lookup
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
controller T1 0/0
framing esf
linecode b8zs
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.53 255.255.255.0
speed auto
full-duplex
!
interface FastEthernet1/1
!
interface FastEthernet1/2
duplex full
speed 100
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface Vlan1
no ip address
!
interface Vlan7
ip address 10.0.0.1 255.0.0.0
!
ip default-gateway 192.168.0.1
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
!
!
!
!
!
!
banner login ^C Cisco 1760 Router. Goal: Make the ESW ports routable.^C
banner motd ^CMight have to add vlans. And assign Vlans subnets. May have to add a routing protocol to communicate between vlans.^C
!
line con 0
exec-timeout 0 0
logging synchronous
login
line aux 0
line vty 0 4
exec-timeout 180 0
privilege level 15
password cisco
login
transport input telnet ssh
!
end
Router1760#
Router1760#show ip int brie
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.53 YES NVRAM up up
FastEthernet1/1 unassigned YES unset up up
FastEthernet1/2 unassigned YES unset up down
FastEthernet1/3 unassigned YES unset up down
FastEthernet1/4 unassigned YES unset up down
Vlan1 unassigned YES NVRAM up up
Vlan7 10.0.0.1 YES NVRAM up down
Router1760#
Router1760#show interface fa0/0
FastEthernet0/0 is up, line protocol is down
Hardware is PQUICC_FEC, address is 0014.a820.107c (bia 0014.a820.107c)
Internet address is 192.168.1.53/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, Auto Speed, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:03, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
304 packets output, 18240 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
1 unknown protocol drops
1 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Router1760#
Router1760#show int fa1/1
FastEthernet1/1 is up, line protocol is down
Hardware is Fast Ethernet, address is 0013.c433.892c (bia 0013.c433.892c)
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
1 unknown protocol drops
1 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Router1760#
Router1760#show vlans
No Virtual LANs configured.
Router1760#
09-15-2015 05:22 PM
Hi
You do not need dhcp between the BEFSX41 and the 1760. The dhcp should be configured for the you lan/computer.
ip dhcp excluded-address 10.0.0.1
!
ip dhcp pool LAN
network 10.0.0.0 255.255.255.0
domain-name melisa.com
default-router 10.0.0.1
dns-server 205.171.3.25
lease 30 2 7
To show vlans try the following command: show vlan-switch
To create vlans try the following command: vlan-database
I will assume you want to use interface vlan 7 for you lan/Pc since it is already created.
interface Vlan7
no ip proxy-arp
no ip redirects
ip address 10.0.0.1 255.255.255.0
since you are connecting the PC to port fa1/1, you need to put that interface into vlan 7
interface FastEthernet1/1
switchport mode access
switchport access vlan 7
spanning-tree portfast
To allow traffic to route to the Internet, you need to add a static route pointing to the linksys BEFSX41 router.
ip route 0.0.0.0 0.0.0.0 192.168.1.1
To allow traffic from the Internet/linksys router to get to the pc, you need a static route on the linksys to the 10.0.0.0 255.255.255.0 network pointing to 192.168.1.53
On the linksys router ensure you have configured NAT for the lan subnet 10.0.0.0 255.255.255.0
Thanks
John
09-17-2015 07:17 AM
Yeah, I do have some VLANS in there. I could take them out. The reason I had the 192.168.1.53 is because it is the same network as the linksys.
It may complicate things if I try to keep the 10 network.
Can you describe to me how to do this without the 10 network? I am a little confused because the main F0/0 port on the router is not a switchport. it is a router port. So it is a member of all vlans.
If I removed the 10 network on vlan 7, do I still need a vlan? And if so, could I just make the vlan 7 the 192.168.1.0 network. I am just trying to simplify things. I will try it your original way, but please do help me with this latest question.
Thanks.
09-20-2015 06:54 PM
Hi,
You need 192.168.1.53 on Fa0/0 because that is the link to the Linksys and should be on the same network as the linksys. Fa0/0 is a routed port, it's not a member of any vlan. You can change the ip address of vlan 7 but for now leave it and get everything working before changing. Try the config i have given you and see if that works.
Thanks
John
02-11-2016 10:55 AM
So I assume that since the FA1/1 on the WIX4ESW card is going to be connected to my PC, I will need to change the PC's NIC to the 10 network?
Then the routers routed port will still be the 192.168.1.53, and I will have to adjust the BEFSX41 so that they are in the same network?
But how specifically do I enable NAT on the Linksys? I do not mean that I do not know how to go in and enable NAT. I just mean: "What do I make the NAT do. Can you type it out?
Like NAT from where to where?
You wrote: "On the linksys router ensure you have configured NAT for the lan subnet 10.0.0.0 255.255.255.0"
So do I go into the linksys and make it so everything gets natted to that subnet? I uploaded a screenshot of the linksys NAT page. Maybe you could help me out with what I need to enter there.
In Cisco IOS lingo, what would that look like?
I will post a "Show Run" of the 1760 router after I post this message.
Thank You.
02-11-2016 06:16 PM
02-11-2016 11:01 AM
This Show Run post is the one I said I would post that is is reference to the post right after this one. It did not put this post after my last post, that is why it is showing up before the post it is in reference to, so you will need to read the next post in order to know what this one is about.
Thank You.
Router1760#show run
Building configuration...
Current configuration : 1450 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router1760
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
tdm clock T1 0/0 both export line
voice-card 0
!
ip cef
!
!
!
!
no ip domain lookup
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
controller T1 0/0
framing esf
linecode b8zs
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.53 255.255.255.0
speed auto
full-duplex
!
interface FastEthernet1/1
switchport access vlan 7
spanning-tree portfast
!
interface FastEthernet1/2
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/3
switchport mode trunk
!
interface FastEthernet1/4
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan7
ip address 10.0.0.1 255.255.255.0
no ip redirects
no ip proxy-arp
!
ip default-gateway 192.168.0.1
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
!
!
!
!
!
!
banner login ^C Cisco 1760 Router. Goal: Make the ESW ports routable.^C
banner motd ^CMight have to add vlans. And assign Vlans subnets. May have to add a routing protocol to communicate between vlans.^C
!
line con 0
exec-timeout 0 0
logging synchronous
login
line aux 0
line vty 0 4
exec-timeout 180 0
privilege level 15
password cisco
login
transport input telnet ssh
!
end
Router1760#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide