11-29-2012 04:26 AM - edited 03-04-2019 06:16 PM
Hi,
I am trying to get the Cisco 1921 to route between 2 LANs. I can ping from the router itself, but cannot ping across either, is there something I am doing wrong here:
version 15.1
!no aaa new-model
!no ipv6 cef
ip source-route
ip cef
!ip dhcp excluded-address 192.168.1.1
ip dhcp excluded-address 192.168.5.1
!
!ip dhcp pool vlan5
network 192.168.5.0 255.255.255.0
dns-server 192.168.5.1
default-router 192.168.5.1
lease 7
!
ip dhcp pool native1
network 192.168.1.0 255.255.255.0
dns-server 192.168.1.1
default-router 192.168.1.1
lease 7
!
!interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 128.65.102.102 255.255.0.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.5
encapsulation dot1Q 5
ip address 192.168.5.1 255.255.255.0
no ip redirects
no ip unreachables
ip flow ingress
ip nat inside
ip virtual-reassembly in
!
!ip forward-protocol nd
!
ip route 0.0.0.0 0.0.0.0 128.65.101.204
!
11-29-2012 04:48 AM
Check PC's have firewall disabled.
11-29-2012 06:06 AM
Yep, these have been disabled. It's not the PCs though, I can't even ping the gateway (128.65.101.204) on the WAN side from behind the router.
11-29-2012 06:25 AM
Hi Robert,
Just a random check is the switch port coming from router has been trunked.
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
11-29-2012 06:29 AM
can you also post switch config?
11-29-2012 06:34 AM
Maybe has not been incoded, but you also need a nat command in global config.
11-29-2012 07:52 AM
Muhammed,
The router doesn;t have switchports, so not sure how I can do that? It only has the 2 gigabit ports built-in and as listed above.
Paolo,
What NAT command would I need? Would this stop traffic even going from behind the NAT to infront of it?
Edit: nevermind, I've managed to get it, I needed NAT and access list commands in there.
Thanks to both.
11-29-2012 09:22 AM
How would I shape traffic in both directions on the VLANs above to the 0/0 interface.
So for instance give VLAN 1 20Mbps and VLAN 5 30Mbps?
I have added the following policy:
class-map match-any CLASS_EtherFlow_Shaping
match any
!
policy-map POLICY_EtherFlow_Shaping
class CLASS_EtherFlow_Shaping
shape average 29000000
and attached this to VLAN 5, but this way I can only manage traffic coming inbound. How would I do this to cover outbound traffic as well?
11-29-2012 09:33 AM
Actually the shaping command afftect outbound traffic, that is, leaving the interface.
To limit traffic entering an interface, apply shaping to the other interface where it leaves the router.
11-29-2012 09:38 AM
Ok, yes that makes sense, but if I only have VLANs on one interface, how do I limit it the other direction? I would only be able to limit traffic for all the VLANs then and not individually?
11-29-2012 09:42 AM
You would use ACLs in class-map to define what IPs are limited and what are not.
Please remember to rate useful posts clicking on the stars below.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: