Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1122
Views
5
Helpful
4
Replies

Cisco 2600 - Not passing internet traffic on LAN side

Go to solution
eekmiester
Level 1
Level 1

‎08-05-2018 02:04 PM

Hello everyone,

 

I want to say thank you in advance for any help that I receive.

Lets start out by saying that I haven't configured anything Cisco in about 6 years, so I am rusty.

I dug out an old 2600 Router as a refresher, and something to play around with, I may use

it in my office, just for the heck of it, but probably not.

 

So here is my issue. I have setup a basic configuration with DHCP, and a static WAN port.

The router itself, can ping the internet (8.8.8.8) with zero issue. The router can also ping

internal devices on the LAN side, no issue. But, the LAN devices cannot get on the internet and I cannot figure out why... they cannot even ping the gateway. The router itself, is fine. Which leads me to believe it is a PAT/NAT issue. The config I have, to me, should be working, and I would appreciate a fresh set of eyes.  I have omitted some segments of the IP as it is a working address, when this router isn't in use.  

 

Hopefully, someone can see something I am not.

 

Thanks again everyone,

 

Here is the configuration as-is:

 

Current configuration : 1713 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WANETROUTER
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$2f7M$33U1px0E5ttjJtkLakofc/
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.75.1
ip dhcp excluded-address 192.168.75.2
ip dhcp excluded-address 192.168.75.3
ip dhcp excluded-address 192.168.75.4
ip dhcp excluded-address 192.168.75.5
ip dhcp excluded-address 192.168.75.250
ip dhcp excluded-address 192.168.75.251
ip dhcp excluded-address 192.168.75.252
ip dhcp excluded-address 192.168.75.253
ip dhcp excluded-address 192.168.75.254
!
ip dhcp pool wanet
network 192.168.75.0 255.255.255.0
default-router 192.168.75.254
dns-server 65.110.96.131 8.8.8.8
domain-name wanetworking.biz
!
!
ip name-server 65.110.96.131
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 65.x.x.x 255.255.255.248
ip nat outside
ip nat enable
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.75.254 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly
duplex auto
speed auto
!
ip default-gateway 65.x.x.x    (Double checked it is correct)
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 65.x.x.x  (Double checked it is correct to the gateway)
!
!
no ip http server
no ip http secure-server
ip nat inside source list 100 interface FastEthernet0/1 overload
!
access-list 100 permit ip 192.168.75.0 0.0.0.255 any
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
!
end

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP

‎08-05-2018 02:13 PM

Hello,

 

I have made a few changes to your config. Make sure the parts in bold match yours:

 

Current configuration : 1713 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WANETROUTER
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$2f7M$33U1px0E5ttjJtkLakofc/
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.75.1
ip dhcp excluded-address 192.168.75.2
ip dhcp excluded-address 192.168.75.3
ip dhcp excluded-address 192.168.75.4
ip dhcp excluded-address 192.168.75.5
ip dhcp excluded-address 192.168.75.250
ip dhcp excluded-address 192.168.75.251
ip dhcp excluded-address 192.168.75.252
ip dhcp excluded-address 192.168.75.253
ip dhcp excluded-address 192.168.75.254
!
ip dhcp pool wanet
network 192.168.75.0 255.255.255.0
default-router 192.168.75.254
dns-server 65.110.96.131 8.8.8.8
domain-name wanetworking.biz
!
ip name-server 65.110.96.131
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface FastEthernet0/0
ip address 65.x.x.x 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.75.254 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip forward-protocol nd
!
ip route 0.0.0.0 0.0.0.0 65.x.x.x
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.75.0
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login

View solution in original post

4 Replies 4

Go to solution
Georg Pauwen
VIP
VIP

‎08-05-2018 02:13 PM

Hello,

 

I have made a few changes to your config. Make sure the parts in bold match yours:

 

Current configuration : 1713 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WANETROUTER
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$2f7M$33U1px0E5ttjJtkLakofc/
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.75.1
ip dhcp excluded-address 192.168.75.2
ip dhcp excluded-address 192.168.75.3
ip dhcp excluded-address 192.168.75.4
ip dhcp excluded-address 192.168.75.5
ip dhcp excluded-address 192.168.75.250
ip dhcp excluded-address 192.168.75.251
ip dhcp excluded-address 192.168.75.252
ip dhcp excluded-address 192.168.75.253
ip dhcp excluded-address 192.168.75.254
!
ip dhcp pool wanet
network 192.168.75.0 255.255.255.0
default-router 192.168.75.254
dns-server 65.110.96.131 8.8.8.8
domain-name wanetworking.biz
!
ip name-server 65.110.96.131
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface FastEthernet0/0
ip address 65.x.x.x 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.75.254 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip forward-protocol nd
!
ip route 0.0.0.0 0.0.0.0 65.x.x.x
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 192.168.75.0
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login

Go to solution
eekmiester
Level 1
Level 1
In response to Georg Pauwen

‎08-05-2018 02:49 PM

Hi Georg, thanks for the reply!

So just to verify you want me to remove

 

-ip nat enable from both interfaces

-ip default-gateway 

 

Change the ACL to what you listed

As well as the ip inside source list1 fastethernet 0/0 overload

 

Don't I want the inside interface on overload fa0/1?  Or am I mistaken about that?

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to eekmiester

‎08-05-2018 03:09 PM

Hello,

 

exactly. Give that a try, it should work...

0 Helpful

Go to solution
eekmiester
Level 1
Level 1
In response to Georg Pauwen

‎08-05-2018 03:45 PM

You sir, are my hero for today!

I had to add 0.0.0.255 to the ACL but, it fired right up!

It was bothering me terribly.

 

Thank you so much!

0 Helpful
Customers Also Viewed These Support Documents