cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3956
Views
0
Helpful
3
Replies

Cisco 1921 and DHCP WAN

Hi Everyone,

I'm having a bit of a struggle with configuring my brand new 1921 router. I think something goes wrong with setting the default gateway:

Config is like this:

---

Current configuration : 3906 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname rt
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
enable secret 5 xxx
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
no ipv6 cef
ip source-route
no ip routing
no ip cef
!
ip domain name not-public
ip name-server 8.8.8.8
ip name-server 8.8.4.4
multilink bundle-name authenticated
!
license udi pid CISCO1921/K9
!
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 192.168.241.254 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0/1
description $ETH-WAN$
ip address dhcp client-id GigabitEthernet0/1
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0/0/0
!
interface FastEthernet0/0/1
!
interface FastEthernet0/0/2
!
interface FastEthernet0/0/3
!
interface Vlan1
description $ES_LAN$
ip address 192.168.240.254 255.255.255.0
no ip route-cache
no mop enabled
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 2 interface GigabitEthernet0/1 overload
ip route 192.168.226.0 255.255.255.0 Vlan1 192.168.240.253
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 192.168.241.0 0.0.0.255
access-list 23 remark CCP_ACL Category=17
access-list 23 permit 192.168.240.0 0.0.0.255
access-list 23 permit 192.168.226.0 0.0.0.255
!
control-plane
!
line con 0
login local
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end

---

A bit of history:

I outgrew my ZyWall (or had to admit that it was a piece of junk), so I purchased an ASA 5505 to replace it. Only to learn that an ASA only has one active connection at the time. So the next move was to get a router to put in front of the ASA to handle my two lines concurrently. I have a 90 Mbit fiber connection with a "DHCP Static IP" and 20/10Mbit with regular static IPs. The slow line is running on my ASA right now, so I have been trying to configure the fast line on the router and when I have that working, I will migrate the other line.

But I'm stuck at configuring the WAN connection. Can some one please give some advice on what I'm doing wrong?

3 Replies 3

Kasiraman S
Level 1
Level 1

Hi,

Currently the default-gateway is point towards the LAN side, I believe to are trying to get to the internet via the WAN link, if so please point the default static route via Gi0/1.

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 dhcp

Do rate helpful post.

Thanks,

Kasi.

kasiva_1987 wrote:

Hi,

Currently the default-gateway is point towards the LAN side, I believe to are trying to get to the internet via the WAN link, if so please point the default static route via Gi0/1.

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 dhcp

That is NOT necessary. Interfaces with a DHCP aquired address automatically install a default route, if present in DHCP reply.

Juan Perez
Level 1
Level 1

Hi Ilja,

What is the real problem, is it that you are not able to get an IP? Do you get an IP but you are unable to go out? You are missing some NAT commands (ip nat inside and ip nat outside), moreover as Paolo stated there is no need to have an static route since you should be getting it via DHCP, you can confirm this by using a "show dhcp lease". Sometimes when you have a cable connection, you would need to power off the external device for some time so ISP can clear the layer 2 information and detect your router's MAC address.

Regards.

Review Cisco Networking for a $25 gift card