Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
638
Views
0
Helpful
2
Replies

Cisco 877W DHCP Does not automatically populate Windows/Mac Clients with DNS Server Entries

Go to solution
tdarmstadterii
Level 1
Level 1

‎02-20-2014 08:09 PM - edited ‎03-04-2019 10:23 PM

I have a 877W that has been operational on Verizon for approx 5 years. It has never automatically given out DNS Server info to clients that get DHCP issued IP Address. I have to manually input DNS entries in each client.  This has happened at other sites where I have 877's installed on AT&T as well as Consolidated Communications.

Here is config. Thanks in advance for assistance.

Building configuration...

Current configuration : 7987 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname cods
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$jSwA$3B5lJNqm0ewh
!
aaa new-model
!
!
aaa authentication login for-remote local
aaa authorization network remote local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
ip subnet-zero
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.7.1 192.168.7.19
ip dhcp excluded-address 192.168.7.70 192.168.7.254
!
ip dhcp pool sdm-pool1
import all
network 192.168.7.0 255.255.255.0
default-router 192.168.7.1
dns-server 68.238.96.12 68.238.112.12
!
!
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
ip tcp synwait-time 10
ip domain name cods.com
ip name-server 68.238.96.12
ip name-server 68.238.112.12
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
crypto pki trustpoint TP-self-signed-437228204
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-437228204
revocation-check none
rsakeypair TP-self-signed-437228204
!
!
crypto pki certificate chain TP-self-signed-437228204
certificate self-signed 01
30820254 308201BD A0030201 02992101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34333732 32383230 34301E17 0D303731 30313632 33333131
395A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3433 37323238
32303430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
BF73E16C 24A3FB0B A44C83C8 45ACEC75 163C2F0A 87836F7F A43FEB72 0EF26AFA
C7F35ED6 CBCC6853 5E82B0A6 1FD8020B F3630023 AB30B870 B3155EE6 86988910
4ACF5121 1CBFF4DC B705DF1E 5D0D698F 06493D42 3DD8D036 FE450D21 E26A4DAF
CE6BA806 81A9F451 DA7B49E3 0246698E 160F115C E1104FA9 31FA3C15 782CD279
02030100 01A37E30 7C300F06 03551D13 0101FF04 05300301 01FF3029 0603551D
11042230 20821E63 6F64732E 63697479 6F666472 69707069 6E677370 72696E67
732E636F 6D301F06 03551D23 04183016 80142FA3 24D77493 52CF7094 B847B6EB
1385E2E5 0F3A301D 0603551D 0E041604 142FA324 D7749352 CF7094B8 47B6EB13
85E2E50F 3A300D06 092A8648 86F70D01 01040500 03818100 076EE499 12F46D79
375B7EA6 C9279DA4 B32723B5 908C9FB8 D42CB978 5130CA87 BB24A8FE 73579A3D
B7716644 7E13710D C6E6360C D0A36F7B F62540E2 0C33523B E50396B9 2EF66FA7
56519E62 E55EAF3C E1D9BEC9 3AE67B59 75E61F06 B649E90A 2798F755 7A020F0A
F8BDABFA 1EE37B6A A918560D DA45AD70 801BC66E 94D1468E
quit
username steal551 privilege 15 secret 5 $1jgO$sGD@#l4yTtLtYoEZbh/Wl.
!
!
crypto keyring vpn_ddaus
pre-shared-key address 0.0.0.0 0.0.0.0 key stealthfortyfor5
crypto keyring vpn_rmlfk
pre-shared-key address 205.30.134.22 key stealthfortyfor5
!
crypto isakmp policy 10
hash md5
authentication pre-share
group 2
!
crypto isakmp policy 30
encr 3des
authentication pre-share
group 2
crypto isakmp invalid-spi-recovery
crypto isakmp keepalive 20
!
crypto isakmp client configuration group VPNRemote
key ConnectNow45
pool ippool
crypto isakmp profile vpnclient
match identity group VPNRemote
client authentication list for-remote
isakmp authorization list remote
client configuration address respond
crypto isakmp profile CODS_DDAUS
keyring vpn_ddaus
match identity address 0.0.0.0
crypto isakmp profile CODS_RMLFK
keyring vpn_rmlfk
match identity address 205.30.134.22 255.255.255.255
!
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac
!
crypto dynamic-map dynmap 10
set transform-set myset
set isakmp-profile vpnclient
crypto dynamic-map dynmap 12
set transform-set myset
set isakmp-profile CODS_DDAUS
!
!
crypto map mymap 1 ipsec-isakmp
set peer 205.30.134.22
set transform-set myset
set isakmp-profile CODS_RMLFK
match address CODS_to_RMFLK
crypto map mymap 65535 ipsec-isakmp dynamic dynmap
!
bridge irb
!
!
interface Loopback10
ip address 1.1.1.1 255.255.255.0
!
interface ATM0
no ip address
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $FW_OUTSIDE$$ES_WAN$
ip verify unicast reverse-path
ip inspect DEFAULT100 out
ip nat outside
ip virtual-reassembly
pvc 0/35
encapsulation aal5snap
!
bridge-group 2
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip route-cache cef
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
ssid tsunami
vlan 1
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 14231A0E01053324363F363B36150E050B08585E
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
no snmp trap link-status
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface BVI1
description $ES_LAN$$FW_INSIDE$
ip address 192.168.7.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1412
!
interface BVI2
ip address 70.14.49.134 255.255.255.0
ip nat outside
ip virtual-reassembly
crypto map mymap
!
ip local pool ippool 10.10.10.1 10.10.10.254
ip classless
ip route 0.0.0.0 0.0.0.0 70.14.49.1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 133 interface BVI2 overload
!
ip access-list extended CODS_to_RMFLK
permit ip 192.168.7.0 0.0.0.255 192.168.1.0 0.0.0.255
!
logging trap debugging
access-list 1 permit 192.168.7.0 0.0.0.255
access-list 100 remark auto generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip 70.14.49.0 0.0.0.255 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 permit ip 192.168.7.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 133 deny ip 192.168.7.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 133 deny ip 192.168.7.0 0.0.0.255 10.10.10.0 0.0.0.255
access-list 133 deny ip 192.168.7.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 133 deny ip 192.168.7.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 133 permit ip 192.168.7.0 0.0.0.255 any
no cdp run
route-map mymap permit 10
match ip address 111
set ip next-hop 1.1.1.2
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP

‎02-21-2014 12:13 AM

Hello

Can you try removing the IMPORT ALL from the dhcp pool

Res
Paul



Sent from Cisco Technical Support iPad App


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

0 Helpful
2 Replies 2

Go to solution
paul driver
VIP
VIP

‎02-21-2014 12:13 AM

Hello

Can you try removing the IMPORT ALL from the dhcp pool

Res
Paul



Sent from Cisco Technical Support iPad App


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
tdarmstadterii
Level 1
Level 1
In response to paul driver

‎02-21-2014 07:37 AM

Thanks.  This CLI command plus a Nortel BCM 50 phone system's DHCP server settings was set to issue a IP Address but did not have any DNS Settings.  I removed the IMPORT ALL command and set the Nortel BCM 50 DHCP to only issue DHCP to Phones and not devices.

Thanks

Tom

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card