cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2205
Views
0
Helpful
19
Replies

CISCO 2921

TristanGude
Level 1
Level 1

Can I connect a CISCO 2921 Router to a Wan through one of the gig ports or I need an EHWIC to do this?

19 Replies 19

ghostinthenet
Level 7
Level 7

You can definitely use one of the GigabitEthernet ports. Using one for WAN and the others for LAN/DMZ functionality is a fairly standard configuration for those routers.

Thank you. I cannot get it to work. Do you have any configuration example for the WAN side, that you would like to share? Thank you

Hi Tristan,

If you can, please describe the issue with some more details.

Regards,

Aref

We just bought two CISCO 2921 for my workplace. I am trying to learn how to set them up. We have been using Netgear for years. Our network has grown and Netgears are not enough anymore.

So I have a lab where I have a Netgear FVX538 connected to the Internet. Netgear LAN configuration is 172.18.0.1 255.255.255.0

I connected the CISCO to one of the LAN ports in the NETGEAR through gig 0/0. See configuration below.

I have connected a LAPTOP to gig 0/1, but it does not get to connect to the Internet. Another laptop, which is connected directly to NETGEAR cannot ping the CISCO Router

Using 2272 out of 262136 bytes

! Last configuration change at 19:30:41 PCT Sun Nov 2 2014

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname CISCO-2921-Router-Elementary

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 25

clock timezone PCT -8 0

!

ip cef

!

no ip dhcp conflict logging

ip dhcp excluded-address 172.18.1.1 172.18.1.99

ip dhcp excluded-address 172.18.2.1 172.18.2.99

ip dhcp excluded-address 172.18.3.1 172.18.3.99

!

ip dhcp pool 0

 network 172.18.2.0 255.255.255.0

 domain-name elsolacademy.net

 dns-server 172.18.0.228

 default-router 172.18.1.1

 lease 30

!

!

!

no ip domain lookup

ip host Netgear-FVX538 172.18.0.1

ip name-server 172.18.0.228

ip name-server 209.18.47.61

ip name-server 209.18.47.62

no ipv6 cef

multilink bundle-name authenticated

!

crypto pki trustpoint TP-self-signed-969957288

 enrollment selfsigned

 subject-name cn=IOS-Self-Signed-Certificate-969957288

 revocation-check none

 rsakeypair TP-self-signed-969957288

!

crypto pki certificate chain TP-self-signed-969957288

 certificate self-signed 01 nvram:IOS-Self-Sig#3.cer

license udi pid CISCO2921/K9 sn FGL175310DP

!

!

interface Embedded-Service-Engine0/0

 no ip address

 shutdown

!

interface GigabitEthernet0/0

 description Internet

 ip address 172.18.1.1 255.255.255.0

 ip helper-address 172.18.0.1

 ip helper-address 24.199.49.77

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 ip address 172.18.2.1 255.255.255.0

 duplex auto

 speed auto

!

interface GigabitEthernet0/2

 ip address 172.18.3.1 255.255.255.0

 duplex auto

 speed auto

!

router rip

 network 172.18.0.0

!

ip default-gateway 172.18.0.1

ip forward-protocol nd

!

no ip http server

ip http secure-server

!

ip route 172.18.1.0 255.255.255.0 172.18.0.1

ip route 172.18.2.0 255.255.255.0 GigabitEthernet0/0

ip route 172.18.3.0 255.255.255.0 GigabitEthernet0/0

!

control-plane

!

line con 0

 exec-timeout 0 0

 logging synchronous

line aux 0

 password brilla2012

line 2

 no activation-character

 no exec

 transport preferred none

 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

 stopbits 1

line vty 0 4

 password brilla2012

 login

 transport input all

!

scheduler allocate 20000 1000

!

end

 

There are many different ways it could be configured depending on the ISP and te technology being used. Do you have any details on what kind of WAN connection you're using?

We just bought two CISCO 2921 for my workplace. I am trying to learn how to set them up. We have been using Netgear for years. Our network has grown and Netgears are not enough anymore.

So I have a lab where I have a Netgear FVX538 connected to the Internet. Netgear LAN configuration is 172.18.0.1 255.255.255.0

I connected the CISCO to one of the LAN ports in the NETGEAR through gig 0/0. See configuration below.

I have connected a LAPTOP to gig 0/1, but it does not get to connect to the Internet. Another laptop, which is connected directly to NETGEAR cannot ping the CISCO Router

Using 2272 out of 262136 bytes

! Last configuration change at 19:30:41 PCT Sun Nov 2 2014

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname CISCO-2921-Router-Elementary

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 25

clock timezone PCT -8 0

!

ip cef

!

no ip dhcp conflict logging

ip dhcp excluded-address 172.18.1.1 172.18.1.99

ip dhcp excluded-address 172.18.2.1 172.18.2.99

ip dhcp excluded-address 172.18.3.1 172.18.3.99

!

ip dhcp pool 0

 network 172.18.2.0 255.255.255.0

 domain-name elsolacademy.net

 dns-server 172.18.0.228

 default-router 172.18.1.1

 lease 30

!

!

!

no ip domain lookup

ip host Netgear-FVX538 172.18.0.1

ip name-server 172.18.0.228

ip name-server 209.18.47.61

ip name-server 209.18.47.62

no ipv6 cef

multilink bundle-name authenticated

!

crypto pki trustpoint TP-self-signed-969957288

 enrollment selfsigned

 subject-name cn=IOS-Self-Signed-Certificate-969957288

 revocation-check none

 rsakeypair TP-self-signed-969957288

!

crypto pki certificate chain TP-self-signed-969957288

 certificate self-signed 01 nvram:IOS-Self-Sig#3.cer

license udi pid CISCO2921/K9 sn FGL175310DP

!

!

interface Embedded-Service-Engine0/0

 no ip address

 shutdown

!

interface GigabitEthernet0/0

 description Internet

 ip address 172.18.1.1 255.255.255.0

 ip helper-address 172.18.0.1

 ip helper-address 24.199.49.77

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 ip address 172.18.2.1 255.255.255.0

 duplex auto

 speed auto

!

interface GigabitEthernet0/2

 ip address 172.18.3.1 255.255.255.0

 duplex auto

 speed auto

!

router rip

 network 172.18.0.0

!

ip default-gateway 172.18.0.1

ip forward-protocol nd

!

no ip http server

ip http secure-server

!

ip route 172.18.1.0 255.255.255.0 172.18.0.1

ip route 172.18.2.0 255.255.255.0 GigabitEthernet0/0

ip route 172.18.3.0 255.255.255.0 GigabitEthernet0/0

!

control-plane

!

line con 0

 exec-timeout 0 0

 logging synchronous

line aux 0

 password brilla2012

line 2

 no activation-character

 no exec

 transport preferred none

 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

 stopbits 1

line vty 0 4

 password brilla2012

 login

 transport input all

!

scheduler allocate 20000 1000

!

end

Hi,

Interface GigabitEthernet0/0 is setup with ip address 172.18.1.1 255.255.255.0, and Netgear has ip address 172.18.0.1 255.255.255.0, they are on different networks, you should correct the ip addresses, in addition the static routes are not appropriate, since those networks 172.18.1.0, 172.18.2.0 and 172.18.3.0 are connected to the Cisco router itself, you don't need them, also you should setup a default static route towards your gateway, it should be the Netgear ip address 172.18.0.1, finally you should ensure that the Netgear router knows how to get back to networks 172.18.2.0 and 172.18.3.0.

Regards,

Aref
 

First of all, thank you very much.

Let me see if I understood your answer.

1- Change the gig 0/0 address to 172.18.0.50 255.255.255.0. ?

2- IP routes should be ip route 172.18.2.0 255.255.255.0 172.18.0.1

Is that correct?

You are welcome Tristan.

Correct, g0/0 should be on the same subnet of the Negear, instead the default route should be towards any, example "ip route 0.0.0.0 0.0.0.0 172.18.0.1", and as mentioned before, Negear has to know how to get back to networks 172.18.2.x and 172.18.3.x., another solution would be to apply natting on the Cisco router so the Netgear would see all those networks as 172.18.0.x.

Please let me know if you still unclear.

Regards,

Aref

Hi,

Thank you

I have made some progress, but now I cannot route from the vlans.

See attached config

Now the router is directly connected to the Internet, through gig 0/1

gig 0/0 is the internal network

 

Hi Tristan,

That because the subinterfaces are not able to inter-route with the same physical interface where they are configured. Please try to do these modifications:

interface GigabitEthernet0/0
 no ip address
 no ip nat inside
!
interface GigabitEthernet0/0.1
 encapsulation dot1Q 1 (assuming the native vlan on the trunk is vlan 1)
 ip address  172.16.0.1 255.255.255.0
 ip nat inside

Now on all other subinterfaces you should apply "ip nat inside", example:
interface GigabitEthernet0/0.15
 ip nat inside
!
interface GigabitEthernet0/0.101
 ip nat inside

and so on.

This static route is not needed and is not correct, because with that you are saying to route the traffic towards the network 172.16.0.0/16 out of g0/1 interface. It would not hurt in your case because the router would prefer the connected routes overy the static one, but please remove it:

no ip route 172.16.0.0 255.255.255.0 GigabitEthernet0/1

Regards,

Aref

Thank you very much

You are very welcome.

Please let me know if it did work properly.

Regards,

Aref

How can I define the Native Vlan or any other vlan in more than one interface? is that possible?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: