Solved: Re: Cisco 2921 Router - Troubleshooting - Page 2

bhicks · ‎04-08-2010

Please ignore my ignorance. I'm new to this and am trying to work my way through. I have a router with 1 lan, and 3 wan prots. On the wan side I have a dsl connected with DHCP from the ISP on the wan port. I have gateway of last resort set to that interface. When I change my pc to use the lan ip of the router as my gateway address I cannot get a web page.

How can I troubleshoot this? And or can you point me in the right direction. I don't have much setup. Just a lan IP, security license installed and the dsl connect to the wan port.

Thanks in advance.

bhicks · ‎04-09-2010

Thanks for the repy.

1. My ipconfig/all shows:

Windows IP Configuration

        Host Name . . . . . . . . . . . . : lenovo-3aecc5bb
        Primary Dns Suffix . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : domain.invalid

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix . : domain.invalid
        Description . . . . . . . . . . . : Broadcom NetLink (TM) Fast Ethernet
        Physical Address. . . . . . . . . : 00-26-22-CC-58-66
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.254.4
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.254.254
        DHCP Server . . . . . . . . . . . : 192.168.254.254
        DNS Servers . . . . . . . . . . . : 192.168.254.254
                                            192.168.254.254
        Lease Obtained. . . . . . . . . . : Friday, April 09, 2010 11:27:39 PM
        Lease Expires . . . . . . . . . . : Monday, January 18, 2038 8:14:07 PM

Ethernet adapter Wireless Network Connection:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
        Physical Address. . . . . . . . . : 00-1E-65-B5-2C-CC

2. I want to have several DSL's and ultimate have pbr enabled. But until I can get a internet connection through this route, those plans are on hold. Our man purpose in gettng this router is to direct media traffic from our subnets out throug a dsl gateway.

3. The laptop is set to DHCP. No dns values or ip addresses are specified.

4. Tracert command output.

Tracing route to any-fp.wa1.b.yahoo.com [67.195.16
over a maximum of 30 hops:

1    <1 ms    <1 ms    <1 ms 192.168.254.254
2     *        *        *     Request timed out.
3     *        *        *     Request timed out.
4     *        *        *     Request timed out.
5     *        *        *     Request timed out.

I'm updating this ticket from the laptop that is plugged directly into the dsl modem.

Thanks.

shailesh.h · ‎04-09-2010

1. What is the Laptop IP address when connected in LAN

2. Kindly share the tracert of yahoo.com from your laptop / desktop connected to LAN

bhicks · ‎04-09-2010

IPCONFIG from laptop on our lan.

Windows IP Configuration

        Host Name . . . . . . . . . . . . : lenovo-3aecc5bb
        Primary Dns Suffix . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : private.wfsltd.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix . : private.wfsltd.com
        Description . . . . . . . . . . . : Broadcom NetLink (TM) Fast Ethernet
        Physical Address. . . . . . . . . : 00-26-22-CC-58-66
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 172.24.100.42
        Subnet Mask . . . . . . . . . . . : 255.255.0.0
        Default Gateway . . . . . . . . . : 172.24.201.251
        DHCP Server . . . . . . . . . . . : 172.24.201.2
        DNS Servers . . . . . . . . . . . : 172.24.201.2
                                            209.226.175.236
                                            209.226.175.237
        Lease Obtained. . . . . . . . . . : Friday, April 09, 2010 8:49:43 AM
        Lease Expires . . . . . . . . . . : Friday, April 16, 2010 8:49:43 AM

Ethernet adapter Wireless Network Connection:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
        Physical Address. . . . . . . . . : 00-1E-65-B5-2C-CC

Trace is as follows:

Tracing route to any-fp.wa1.b.yahoo.com [69.147.125.65]
over a maximum of 30 hops:

1    <1 ms    <1 ms    <1 ms 172.24.201.254
2    <1 ms    <1 ms    <1 ms 192.168.254.254
3     *        *        *     Request timed out.
4     *        *        *     Request timed out.
5

Thanks.

The dls modem is connected to a 50.00 dlink router, that has no settings on it other then an ip on the lan side of our netowrk. This is to facilitate users being able to use a different gateway.

bhicks · ‎04-09-2010

Problem Sovled. Turned out to be nat. I do have another question.

The changes are marked with (************ CHANGED ***************).

My questions are this.

- What affect does the ip nat inside have? I will be hooking up an asa that does nat later, and I'm not sure if this will affect that.

- What does overload do.

Thanks guys for you help and your patient. A cisco engineer had it fix in minutes.

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$ES_LAN$

ip address 172.24.201.190 255.255.0.0

ip nat inside (************ CHANGED ***************)

ip virtual-reassembly (************ CHANGED ***************)

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface GigabitEthernet0/2

ip address dhcp

ip nat outside (************ CHANGED ***************)

ip virtual-reassembly (************ CHANGED ***************)

duplex auto

speed auto

!

interface FastEthernet0/0/0

no ip address

shutdown

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 100 interface GigabitEthernet0/2 overload (************ CHANGED ***************)

!

access-list 23 permit 172.24.0.0 0.0.255.255

access-list 100 permit ip 172.24.0.0 0.0.255.255 any (************ CHANGED ***************)

shailesh.h · ‎04-12-2010

Excellent!

1. ip nat inside will allow inside ip address range to NAT to outside whenever you are communicating. This will be defined by the access list of source interfaces as clarified in the example link provided

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f8e.shtml

2. IP overload also term as PAT i.e. using one ip address (may be interface ip) for multiple communcation using different ports.. One of the example will clarify you in detail

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00809bd825.shtml

Please remember to rate if this post useful to you..

Cheers!

Shailesh

bhicks · ‎04-12-2010

Thanks.

Am I right in assuming that in my case so far that nat will only take place when going from g0/0 to g0/2, because of the following statement:

ip nat inside source list 100 interface GigabitEthernet0/2 overload

Does the IP NAT INSIDE on G0/0 only specifiy that nat can take place and the above statement actually causes the nat to trigger?

Thanks for you help.

shailesh.h · ‎04-12-2010

Following is TRUE

Am I right in assuming that in my case so far that nat will only take place when going from g0/0 to g0/2, because of the following statement:

ip nat inside source list 100 interface GigabitEthernet0/2 overload

Following statement - NAT will happen based on the access-list 100 i.e. for IP address mentioned in the access-list...

Does the IP NAT INSIDE on G0/0 only specifiy that nat can take place and the above statement actually causes the nat to trigger?

With regards,

Shailesh