cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1238
Views
9
Helpful
10
Replies

Cisco 1921 LAN routing

robertsouthgate
Level 1
Level 1

Hi,

I am trying to get the Cisco 1921 to route between 2 LANs.  I can ping from the router itself, but cannot ping across either, is there something I am doing wrong here:

version 15.1

!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef

!

ip dhcp excluded-address 192.168.1.1

ip dhcp excluded-address 192.168.5.1

!

!

ip dhcp pool vlan5

network 192.168.5.0 255.255.255.0

dns-server 192.168.5.1

default-router 192.168.5.1

lease 7

!

ip dhcp pool native1

network 192.168.1.0 255.255.255.0

dns-server 192.168.1.1

default-router 192.168.1.1

lease 7

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

ip address 128.65.102.102 255.255.0.0

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/1.1

encapsulation dot1Q 1 native

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/1.5

encapsulation dot1Q 5

ip address 192.168.5.1 255.255.255.0

no ip redirects

no ip unreachables

ip flow ingress

ip nat inside

ip virtual-reassembly in

!

!

ip forward-protocol nd

!

ip route 0.0.0.0 0.0.0.0 128.65.101.204

!


10 Replies 10

paolo bevilacqua
Hall of Fame
Hall of Fame

Check PC's have firewall disabled.

Yep, these have been disabled. It's not the PCs though, I can't even ping the gateway (128.65.101.204) on the WAN side from behind the router.

Hi Robert,

Just a random check is the switch port coming from router has been trunked.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

can you also post switch config?

Maybe has not been incoded, but you also need a nat command in global config.

robertsouthgate
Level 1
Level 1

Muhammed,

The router doesn;t have switchports, so not sure how I  can do that?  It only has the 2 gigabit ports built-in and as listed  above.

Paolo,

What NAT command would I need?  Would this stop traffic even going from behind the NAT to infront of it?

Edit: nevermind, I've managed to get it, I needed NAT and access list commands in there.

Thanks to both.

robertsouthgate
Level 1
Level 1

How would I shape traffic in both directions on the VLANs above to the 0/0 interface.

So for instance give VLAN 1 20Mbps and VLAN 5 30Mbps?

I have added the following policy:      

class-map match-any CLASS_EtherFlow_Shaping

match any

!

policy-map POLICY_EtherFlow_Shaping

class CLASS_EtherFlow_Shaping

  shape average 29000000

and attached this to VLAN 5, but this way I can only manage traffic coming inbound.  How would I do this to cover outbound traffic as well?

Actually the shaping command afftect outbound traffic, that is, leaving the interface.

To limit traffic entering an interface, apply shaping to the other interface where it leaves the router.

Ok, yes that makes sense, but if I only have VLANs on one interface, how do I limit it the other direction?  I would only be able to limit traffic for all the VLANs then and not individually?

You would use ACLs in class-map to define what IPs are limited and what are not.

Please remember to rate useful posts clicking on the stars below.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: