Re: Cisco 2811 Router - Need Help W/ Basic Configuration

mikewestpcs · ‎06-16-2012

Hello everyone, I've followed a few guides online to try and set up my router. I would like to use the two FastEthernet ports available on the 2811 for my network. I want to use one for my outside Ip address coming from the ISP and the other for my LAN to hand out Ips to the devices on my network.

With my current configuration, I still cannot connect to the internet when I plug my computer into my LAN port.

Here is my current configuration (sh running-config cmd)

Current configuration : 1565 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname USCORRTRCCA01R

!

boot-start-marker

boot-end-marker

!

! card type command needed for slot/vwic-slot 0/1

enable secret 5 $1$ZBd9$QJjb9Oi6wKrHPyAYcnsq2.

enable password chpm7612

!

no aaa new-model

dot11 syslog

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp pool LAN

network 192.168.15.0 255.255.255.0

default-router xx.xx.87.2

dns-server xx.x.224.17 xx.x.224.18

!

no ip domain lookup

multilink bundle-name authenticated

!

voice-card 0

no dspfarm

!

archive

log config

hidekeys

!

interface FastEthernet0/0

description ***LAN***

ip address 192.168.15.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description ***INTERNET***

ip address xx.xx.87.2 255.255.255.248

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

shutdown

no fair-queue

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 xx.xx.87.3

ip route 0.0.0.0 0.0.0.0 dhcp

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface FastEthernet0/1 overload

!

access-list 1 permit 0.0.0.0 255.255.255.0

access-list 1 permit 0.0.0.1 255.255.255.0

access-list 1 permit 192.168.15.0 0.0.0.255

access-list 1 permit any

!

control-plane

!

line con 0

line aux 0

line vty 0 4

access-class 1 in

password chadmin83

login

!

scheduler allocate 20000 1000

!

end

ANY HELP IS GREATLY APPRECIATED!!

P.S. I x'd out parts of my ip for privacy, incase you were wondering

John Blakley · ‎06-16-2012

Michael,

The dhcp scope needs to hand out your internal interface as the default-router. So, change that to 192.168.15.1. Aside from that, I'd change the access-list 1 to just "access-list 1 permit 192.168.15.0 0.0.0.255" and get rid of all of the other stuff that you have in there. Also, you probably should remove "ip route 0.0.0.0 0.0.0.0 dhcp" and let your .3 be your default gateway.

Oh, and I'm going to throw this out there, but if you're connecting your computer directly to fa0/1 you're going to need a crossover cable to get a connection.

HTH,

John

HTH, John *** Please rate all useful posts ***

mikewestpcs · ‎06-16-2012

Thanks so much for your help. A few questions, by dhcp scope, what do you mean? I apologize for my networking noobiness . Do you know a command to delete the rest of the "accest-list 1 permit" commands? Also, how do I "let my .3 be my default gateway" Is there a command for it? And yes, I have a crossover cable ready to go.

Again, I truly do appreciate your help so much, I've been trying to get this working for days!

tmalle001 · ‎06-16-2012

Michael,

As John stated, please do this -

config t

no ip route 0.0.0.0 0.0.0.0 dhcp

ip dhcp pool LAN

no default-router xx.xx.87.2

default-router 192.168.15.1

exit

no access-list 1 permit 0.0.0.0 255.255.255.0

no access-list 1 permit 0.0.0.1 255.255.255.0

CTRL^Z

mikewestpcs · ‎06-16-2012

Done. Rebooting the router now, and I'll let you know how everything works.

Thanks!

mikewestpcs · ‎06-16-2012

Alright, I made all the changes, and still no internet access.

Here is my new configuration:

Current configuration : 1384 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname USCORRTRCCA01R

!

boot-start-marker

boot-end-marker

!

! card type command needed for slot/vwic-slot 0/1

enable secret 5 $1$ZBd9$QJjb9Oi6wKrHPyAYcnsq2.

enable password chpm7612

!

no aaa new-model

dot11 syslog

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp pool LAN

network 192.168.15.0 255.255.255.0

dns-server xx.xx.224.17 xx.xx.224.18

default-router 192.168.15.1

!

no ip domain lookup

multilink bundle-name authenticated

!

voice-card 0

no dspfarm

!

archive

log config

hidekeys

!

interface FastEthernet0/0

description ***LAN***

ip address 192.168.15.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description ***INTERNET***

ip address xx.xx.87.2 255.255.255.248

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

shutdown

no fair-queue

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.15.3

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface FastEthernet0/1 overload

!

control-plane

!

line con 0

line aux 0

line vty 0 4

access-class 1 in

password chadmin83

login

!

scheduler allocate 20000 1000

!

end

tmalle001 · ‎06-18-2012

Your ip route statement is wrong.

Do this -

No ip route previous statement ...

Ip route 0.0.0.0 0.0.0.0 fa0/1 x.x.87.3

-Tos

tmalle001 · ‎06-16-2012

No ip route 0.0.0.0 0.0.0.0 192.168.15.3

ip route 0.0.0.0 0.0.0.0 fa0/1 x.x.87.3

(point your default route to outside interface)

mikewestpcs · ‎06-16-2012

Hmmm, still nothing !

Again, heres the current config:

Current configuration : 1412 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname USCORRTRCCA01R

!

boot-start-marker

boot-end-marker

!

! card type command needed for slot/vwic-slot 0/1

enable secret 5 $1$ZBd9$QJjb9Oi6wKrHPyAYcnsq2.

enable password chpm7612

!

no aaa new-model

dot11 syslog

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp pool LAN

network 192.168.15.0 255.255.255.0

dns-server 66.7.224.17 66.7.224.18

default-router 192.168.15.1 255.255.255.0

!

no ip domain lookup

multilink bundle-name authenticated

!

voice-card 0

no dspfarm

!

archive

log config

hidekeys

!

interface FastEthernet0/0

description ***LAN***

ip address 192.168.15.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description ***INTERNET***

ip address xx.xx.87.2 255.255.255.248

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

shutdown

no fair-queue

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 xx.xx.87.3

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface FastEthernet0/1 overload

!

control-plane

!

line con 0

line aux 0

line vty 0 4

access-class 1 in

password chadmin83

login

!

scheduler allocate 20000 1000

!

end

mikewestpcs · ‎06-16-2012

And by the way, I really appreciate your time! Your a HUGE help!

ryates_presido · ‎06-16-2012

Need to add back your nat acle

Access list 1 permit 192.168.15.0 0.0.0.255

Then try.

Sent from Cisco Technical Support iPad App

mikewestpcs · ‎06-17-2012

OK, unfortunately, I won't be back to the office until Monday, so I'll have to wait until then to try it. I'll let you know!

Thanks!

Sent from Cisco Technical Support iPhone App

tmalle001 · ‎06-18-2012

Where did access-list go?

mikewestpcs · ‎06-19-2012

Still nothing! I don't know whats up with this thing. I added my access list back. See anything else wrong...?

Current configuration : 1456 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname USCORRTRCCA01R

!

boot-start-marker

boot-end-marker

!

! card type command needed for slot/vwic-slot 0/1

enable secret 5 $1$ZBd9$QJjb9Oi6wKrHPyAYcnsq2.

enable password chpm7612

!

no aaa new-model

dot11 syslog

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp pool LAN

network 192.168.15.0 255.255.255.0

dns-server xx.xx.224.17 xx.xx.224.18

default-router 192.168.15.1 255.255.255.0

!

no ip domain lookup

multilink bundle-name authenticated

!

voice-card 0

no dspfarm

!

archive

log config

hidekeys

!

interface FastEthernet0/0

description ***LAN***

ip address 192.168.15.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description ***INTERNET***

ip address xx.xx.87.2 255.255.255.248

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

shutdown

no fair-queue

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 xx.xx.87.3

!

ip http server

no ip http secure-server

ip nat inside source list 1 interface FastEthernet0/1 overload

!

access-list 1 permit 192.168.15.0 0.0.0.255

!

control-plane

!

line con 0

line aux 0

line vty 0 4

access-class 1 in

password chadmin83

login

!

scheduler allocate 20000 1000

!

end

mikewestpcs · ‎06-19-2012

I'm going to add a few pictures of my current network setup, this way you guys know what Im working with, and can make sure im not missing any information in my router configuration...

My T1 ^^^^

This is what my ISP brought in, I guess it would be considered a modem. ^^^

The 2811 Router ^^^

Two Fast Ethernet ports on the back (this is what im using, crossover cable into 0/1 from my mode, then a normal ethernet cable to my computer. After I confirm it works on the computer, it will be going into my 2 switches.

Not sure what this is honestly, a serial port?

I'm guessing this is where my T1 is supposed to go, but I'm not using it in my setup.

My Two switches ^^^

This is what the guy from my ISP told me to plug my router into. It's on the modem he setup.

Thanks everyone for the help...