06-01-2015 07:19 AM - edited 03-05-2019 01:35 AM
Hello folks would really appreciate your assistance here, got the following configuration on a brand new cisco 881 router connected to a dedicated leased line to the internet, my cisco 881 is directly connected from FE0/4 to port on Cisco 2900(ISP) and the cisco 881 will ping 100% to 8.8.8.8 but getting no internet traffic to resolve.
Reall, Really would appreciate help here, please see my config below:-
Building configuration...
Current configuration : 6429 bytes
!
! Last configuration change at 13:51:45 UTC Mon Jun 1 2015 by ciscoadmin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router001
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-71805791
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-71805791
revocation-check none
rsakeypair TP-self-signed-71805791
!
!
crypto pki certificate chain TP-self-signed-71805791
certificate self-signed 01
30820227 30820190 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 37313830 35373931 301E170D 31353035 30363131 31383132
5A170D32 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D373138 30353739
3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100D476
AE76B9B6 362C8B69 63C421EC DC819095 5F65C51E 951053FE 14754DE3 41297003
ABBC6BA7 1ABC56FC 36A2BE04 0398F940 F95A74BA E9A10ABB F14A3BB4 4EF72DC8
3BC43495 05EDAB6D 61EBF182 77BFD737 560858E8 AB535A44 EEB6CBF1 410377F6
2C731009 E2B8B43C B1CB22A3 A40661D6 AC8A4713 6E228F80 AAF1035A DF6F0203
010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304
18301680 146CF3CA 4664E300 95919820 33789EB4 78A0784B 61301D06 03551D0E
04160414 6CF3CA46 64E30095 91982033 789EB478 A0784B61 300D0609 2A864886
F70D0101 05050003 81810066 6708DA8C 41B3D1BD BE1CB9C7 AFF0D259 2C839CA6
92D85F50 CC31529D E7106C43 D493DF78 722AF337 ADD4B3F2 9F9C80D3 18D8864F
58AF0C15 87BDF8F0 000EBCCB 55FEC744 8A8500EE BEB73BC7 C4EA61E1 F416227A
85FF5937 8A0B4102 106BA8C2 DC7BA281 6F0570C5 FF580934 E88DF582 A52A3924
24233E43 08C4D63B 4D573D
quit
ip cef
!
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.222.1 10.10.222.4
ip dhcp excluded-address 10.10.222.101 10.10.222.254
ip dhcp excluded-address 10.10.123.111 10.10.123.254
ip dhcp excluded-address 10.10.123.1
!
ip dhcp pool ccp-pool
import all
network 10.10.123.0 255.255.255.0
default-router 10.10.123.1
dns-server 194.72.6.57 194.73.82.242
lease 3 2
!
ip dhcp pool Guest Wi-Fi vlan10
import all
network 10.10.222.0 255.255.255.0
default-router 10.10.222.1
!
ip dhcp pool GuestWiFi
import all
dns-server 208.67.220.220 208.67.222.222
default-router 10.10.222.1
lease 3
!
!
!
ip domain name yourdomain.com
ip name-server 194.72.6.57
ip name-server 194.73.82.242
no ipv6 cef
!
!
license udi pid C881W-E-K9 sn FCZ1919C1JZ
!
!
username username privilege 15 secret 5 $1$EUmZ$HDfrfM/BQLWvbSrqxbFXc0
username ciscoadmin privilege 15 secret 5 $1$tumX$1TOi6wDA4VLicH80SeTOo0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
switchport access vlan 10
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
description PrimaryWANDesc_BT Fibre Leased Line
ip address 81.128.140.107 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.123.1 255.255.255.0
ip tcp adjust-mss 1412
!
interface Vlan10
ip address 10.10.222.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
!
interface Dialer1
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp ipcp dns request
no cdp enable
!
ip default-gateway 81.128.140.105
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list nat-list interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet4
!
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
no cdp run
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE
PUBLICLY-KNOWN CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL
NOT BE ABLE TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
login local
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
Solved! Go to Solution.
06-01-2015 12:37 PM
Hello.
First, you might be missing "ip nat inside" on Vlan1; also ACL "nat-list" is not defined.
Second, default gateway should have next-hop.
06-01-2015 12:37 PM
Hello.
First, you might be missing "ip nat inside" on Vlan1; also ACL "nat-list" is not defined.
Second, default gateway should have next-hop.
06-01-2015 01:27 PM
Thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide