Re: Cisco 861-W issue

Armandxbs · ‎11-20-2012

Hey,

I have been stuck for a couple of days now on this issue, and was wondering if someone could help me.

I have a netger router/moden connected to my phone line for broadband, an ethernet cable coming out of that to a netgear switch an then a cable going from the switch to fa4 on the 861. I can ping the netgear router from the 861, however, when I connect my PC to it, I am unable to ping let alone connect to the internet, the PC is getting an IP from the 861 and I can ping the fa4 interface from the pc. I just don't understand my I can not ping the broadband router, I even added a static route to the netgear with no luck.

Here is my running config:

!

! Last configuration change at 13:42:38 UTC Tue Jan 3 2006 by root

! NVRAM config last updated at 13:42:39 UTC Tue Jan 3 2006 by root

!

version 15.0

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Armand

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

enable secret 5 $1$AA..$cPWFa9gFYI5QgqKLJeKq9.

!

no aaa new-model

memory-size iomem 10

!

crypto pki trustpoint TP-self-signed-2688328917

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2688328917

revocation-check none

rsakeypair TP-self-signed-2688328917

!

crypto pki certificate chain TP-self-signed-2688328917

certificate self-signed 02

30820252 308201BB A0030201 02020102 300D0609 2A864886 F70D0101 04050030

31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 32363838 33323839 3137301E 170D3036 30313032 31353333

30355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 36383833

32383931 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

8100B70A FC3BB093 B3B02180 6C45AA00 2FA4C261 62CFBF2C 1C565FB4 F5437A64

543E264D FAFF6760 11F9D93B A2730043 A48B5A21 436E8607 BCB18C5D 9BF1F6C1

6C65B17A 628C24E5 910DF2FF 65566B2D D2628759 846C4826 9065C930 3BA0EBF4

9647A0FB C9D139C9 04FF001E A2997A8C 9AC69C7B F4E8F261 0A8A09A5 F58F804A

7F3D0203 010001A3 7A307830 0F060355 1D130101 FF040530 030101FF 30250603

551D1104 1E301C82 1A41726D 616E642E 76657269 7479736F 6C757469 6F6E732E

6E657430 1F060355 1D230418 30168014 F3786EC0 8C9B2334 D24BC031 CC668ABE

41670F71 301D0603 551D0E04 160414F3 786EC08C 9B2334D2 4BC031CC 668ABE41

670F7130 0D06092A 864886F7 0D010104 05000381 8100693E 3B43FB7C F991C139

9D72F562 B2D70AAA 5CC8FF23 2C5545AB 2F5DEE05 97ED63F0 F5CB24AF BAC7F260

56971DBF 3B7B1ACB 7012DB4F 3CD4D028 2FC0BB83 8EFE0394 4E93D61D 9A2C149D

0A719097 7ECCD7A3 A8C03A53 85C4CC4C 9C6DF9B9 8CFF4FA7 4BD5F1A1 20407DCD

F45FC44F 101847C4 E5888824 E73C03AB 0978F7C8 ADCD

quit

ip source-route

!

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool ccp-pool

import all

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

lease 0 2

!

ip cef

no ip domain lookup

ip domain name local

!

license udi pid CISCO861W-GN-E-K9 sn FCZ161790JZ

!

username root privilege 15 secret 5 $1$SyF9$wHg7DmwzUmJX5AZrJIDAt1

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

ip address 192.168.0.100 255.255.255.0

duplex auto

speed auto

!

interface wlan-ap0

description Service module interface to manage the embedded AP

ip unnumbered Vlan1

arp timeout 0

!

interface Wlan-GigabitEthernet0

description Internal switch interface connecting to the embedded AP

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$

ip address 10.10.10.1 255.255.255.0

ip tcp adjust-mss 1452

!

router rip

version 2

network 10.0.0.0

network 192.168.0.0

no auto-summary

!

ip default-gateway 192.168.0.100

ip forward-protocol nd

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 FastEthernet4

!

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 24 permit 192.168.0.0

no cdp run

!

control-plane

!

banner exec

% Password expiration warning.

-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device

and it provides the default username "cisco" for one-time use. If you have

already used the username "cisco" to login to the router and your IOS image

supports the "one-time" user option, then this username has already expired.

You will not be able to login to the router with this username after you exit

this session.

It is strongly suggested that you create a new username with a privilege level

of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you

want to use.

-----------------------------------------------------------------------

banner login

-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device.

This feature requires the one-time use of the username "cisco" with the

password "cisco". These default credentials have a privilege level of 15.

YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE

PUBLICLY-KNOWN CREDENTIALS

Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>

no username cisco

Replace <myuser> and <mypassword> with the username and password you want

to use.

IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL

NOT BE ABLE TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.

For more information about Cisco CP please follow the instructions in the

QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp

-----------------------------------------------------------------------

!

scheduler max-task-time 5000

end

Thanks.

cflory · ‎11-20-2012

It appears you have two default routes configured. While not generally an issue, perhaps a bit of clean-up would be prudent. I'd remove the 'ip default-gateway 192.168.0.100' statement, and change the destination of your default static route, to the IP address of the Netgear router.

Also, if you were attempting to utilize RIP in conjunction with the Netgear device, I'd either remove that and just make sure your static routes on the Netgear and the 861 are consistent, or enable RIP and ensure that you are advertising the default route, for your LAN, from the Netgear.

HTH!

-Chris

brad · ‎11-20-2012

I don't see a NAT configuration? Perhaps I'm missing something obvious, but I think you need NAT?

Sent from Cisco Technical Support iPhone App

shaijo.mohan · ‎11-20-2012

If you have not checked already, you can also check if the reverse route for the subnet 10.10.10.0/24 is intact on the Netgear modem.

cadet alain · ‎11-20-2012

Hi,

you should change your static route:

no ip route 0.0.0.0 0.0.0.0 FastEthernet4

ip route 0.0.0.0 0.0.0.0 192.168.0.x where 192.168.0.x is the Netgear modem/router

Now if it still isn't working then maybe the Netgear device doesn't accept to NAT traffic that is not part of its internal LAN

subnet and in this case you'll have to NAT on the Cisco device like this:

int vlan 1

ip nat in

int fa4

ip nat out

access-list 99 permit 10.10.10.0 0.0.0.255

ip nat inside source list 99 interface Fa4

Regards.

Alain

Don't forget to rate helpful posts.

Armandxbs · ‎11-25-2012

Soooo sorry for a very delayed reply (issues ), thanks so much, that worked