12-04-2012 08:39 AM - edited 03-04-2019 06:18 PM
Hello, this is my first post so applogies if this is in the wrong section of the site!
I have aquired an 1800 series router from from a site that we have recently closed, I have had this in my cupboard for a few months so decided I would get to grips with it and learn the IOS!
I have been trying to configure a very basic setup. An internal LAN using a DHCP pool on VLAN1 of the internal switch, of which is done and working. My next step is to connect this to our company backup DSL line just for testing purposes.
I have a spare public address that I am wanting to use 82.68.53.244 /29
Below is the config that I am using but it is not working. The router VLAN1 (INSIDE) port 3 light is actively passing data and the Fe0 port (Outside) is also active but I cannot connect to the net.
The public address of 82.68.53.244 has a next hop of 82.68.53.241 which is the DSL router, I can ping 82.68.53.244 but not 82.68.53.241
Any help where im going wrong would be appreciated!
hostname STHTEST
ip dhcp excluded-address 10.101.112.1 10.101.112.99
ip dhcp excluded-address 10.101.112.200 10.101.112.254
ip dhcp pool TEST
network 10.101.112.0 255.255.255.0
dns-server 10.101.112.1
no ip domain lookup
interface FastEthernet0
description OUTSIDE
ip address 82.68.53.244 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface FastEthernet1
no ip address
shutdown
duplex auto
speed auto
interface BRI0
no ip address
encapsulation hdlc
shutdown
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
interface FastEthernet5
interface FastEthernet6
interface FastEthernet7
interface FastEthernet8
interface FastEthernet9
interface Vlan1
description INSIDE
ip address 10.101.112.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip route 0.0.0.0 0.0.0.0 82.68.53.241
no ip http server
no ip http secure-server
ip nat inside source list 101 interface Vlan1 overload
access-list 101 permit ip 10.101.112.0 0.0.0.255 any
Solved! Go to Solution.
12-05-2012 03:39 AM
Scott,
Try this:
no ip nat inside source list 101 interf vlan1 overload
ip nat inside source list 101 inter fa0 overload
ip dhcp pool TEST
no dns-server 10.101.112.1
dns-server 4.2.2.1 8.8.8.8
Generally, you should be able to ping your gateway, but the other end could have icmp turned off for some reason. After the above changes, try pinging like this:
ping 8.8.8.8 source vlan 1
If you get back '!!!!', you're at least good at the router side....
HTH,
John
*** Please rate all useful posts ***
12-04-2012 08:45 AM
Did you set your default gateway on the host manually? If not, you'll need "default-router 10.101.112.1" under your dhcp pool. Copy and paste the below in:
!!! Copy Below -----
ip dhcp pool TEST
default-router 10.101.112.1
!
Once you do this, release and renew the address on the host and you should have a default gateway....
HTH,
John
*** Please rate all useful posts ***
12-05-2012 03:20 AM
Hi John, thanks for the reply!
I have added the default-router to the DHCP pool that you suggested and my client is now picking up this correctly via DHCP.
I am still unable to connect to the internet though!!!
From the router IOS I can ping Fa0 which has an IP address of 82.68.53.244, I can ping it because it is assigned to the interface rather than remote, I seem to be unable to ping the next hop which is 82.68.53.241 which I dont know why! My default ip route is 0.0.0.0 0.0.0.0 82.68.53.241, so I cant get to the internet because my router can ping that address
Please see my script below which also includes you ammendment! Your help is much appreciated
Scott
hostname STHTEST
boot-start-marker
boot-end-marker
enable secret 5 $1$Xwk9$CycoKj.BH19vdUN.cwc9L0
no aaa new-model
resource policy
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.101.112.1 10.101.112.99
ip dhcp excluded-address 10.101.112.200 10.101.112.254
ip dhcp pool TEST
network 10.101.112.0 255.255.255.0
dns-server 10.101.112.1
default-router 10.101.112.1
no ip domain lookup
interface FastEthernet0
description OUTSIDE
ip address 82.68.53.244 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface FastEthernet1
no ip address
shutdown
duplex auto
speed auto
interface BRI0
no ip address
encapsulation hdlc
shutdown
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
interface FastEthernet5
interface FastEthernet6
interface FastEthernet7
interface FastEthernet8
interface FastEthernet9
interface Vlan1
description INSIDE
ip address 10.101.112.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip route 0.0.0.0 0.0.0.0 82.68.53.241
no ip http server
no ip http secure-server
ip nat inside source list 101 interface Vlan1 overload
access-list 101 permit ip 10.101.112.0 0.0.0.255 any
control-plane
line con 0
line aux 0
line vty 0 4
password cisco
login
webvpn context Default_context
ssl authenticate verify all
no inservice
end
12-05-2012 03:39 AM
Scott,
Try this:
no ip nat inside source list 101 interf vlan1 overload
ip nat inside source list 101 inter fa0 overload
ip dhcp pool TEST
no dns-server 10.101.112.1
dns-server 4.2.2.1 8.8.8.8
Generally, you should be able to ping your gateway, but the other end could have icmp turned off for some reason. After the above changes, try pinging like this:
ping 8.8.8.8 source vlan 1
If you get back '!!!!', you're at least good at the router side....
HTH,
John
*** Please rate all useful posts ***
12-05-2012 04:54 AM
John you are a star! Its all working now thanks to you. Really do appreciate your help
Thanks again
Scott
12-05-2012 06:36 AM
I'm glad I could help!
HTH,
John
*** Please rate all useful posts ***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide