Cisco 1941 no Internet access for LAN

JJFlores1 · ‎12-11-2019

Hi. I'm trying to setup my home network to use my Cisco 1941 router, but I'm running into some problems with what I'm assuming has to do with NAT overloading.

My network is as follows:

Cable Modem<-->Netgear R6400<-->Cisco 2960-S Switch<-->LAN devices

I'd like to replace the Netgear router with my Cisco router to handle all network routing.

Just to make things simple for now, I'm using the 192.168.1.0/24 network scheme.

The router has 2 Gigabit interfaces that I'm using. GigabitEthernet0/0 is my WAN interface and is what connects to the cable modem. It gets its public IP address from Comcast through DHCP and I have configured it as such.

GigabitEthernet0/1 is my LAN interface and it connects to the 2960-S switch. I gave this interface an IP address of 192.168.1.1 just for simplicity. I have a dedicated DHCP server already setup and all of my internal hosts can get their IP and other network info from it with no problems.

The router can ping both internal and external hosts with no problems at all, so I know that it has Internet connectivity. My LAN devices can ping each other and the router just fine, but they cannot ping outside hosts nor do they have any Internet access. This is the problem that I'm facing and wanting to resolve. I'm using NAT overloading and assume I have set it up correctly. If I issue a show ip nat translation command, I get tons and tons of entries from my LAN devices, so I'm assuming that NAT is at least somewhat working. I'm not sure if I have my ip nat inside and ip nat outside commands are flipped or if I need to configure something else or what. I don't really know what to do now, so I would really appreciate any help.

I've attached my show run config as a text file.

Francesco Molino · ‎12-11-2019

Hi

Your ip nat inside and outside are correct.
However the rest of the nat isn't correct.

Apply the following commands:

no ip nat inside source list 1 pool LAN_Pool overload
!
no ip nat pool LAN_Pool 192.168.1.1 192.168.1.254 netmask 255.255.255.0
!
ip nat inside source list 1 interface g0/0 overload

Then you should be able to access internet from your hosts.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Georg Pauwen · ‎12-12-2019

Hello,

I think you are also missing the default route. So the entire config should look like below (important parts marked in bold):

Home_Router#show run
Building configuration...

Current configuration : 1486 bytes
!
! Last configuration change at 02:14:03 UTC Thu Dec 12 2019
! NVRAM config last updated at 00:02:23 UTC Thu Dec 12 2019
! NVRAM config last updated at 00:02:23 UTC Thu Dec 12 2019
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Home_Router
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
license udi pid CISCO1941/K9 sn XXXXXXXXXX
!
redundancy
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description WAN
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description LAN
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
control-plane
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
end

paul driver · ‎12-12-2019

Hello
As long as your clients are receivng valid dns server(s)in their dhcp lease then what you are missing is just a default route-you nat looks okay

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul