cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3509
Views
0
Helpful
26
Replies

Cisco 892 Router no internet connection.

Marcin Jedrol
Level 1
Level 1

I am quite new to Cisco equipment but found this one cheap and got it and now struggling to set it up to work with internet. I am using cable internet modem which is connected to a cheap wifi router and assigning ip addresses to rest of the network. I wanted to replace it with the Cisco one. I would appreciate a lot just basic router setup using WAN port. Here is the setup:

version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SimpleActsRouter
!
boot-start-marker
boot-end-marker
!
!
no logging buffered
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 192.168.10.1 192.168.10.99
ip dhcp excluded-address 192.168.10.201 192.168.10.254
!
ip dhcp pool SA_Clients
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 192.168.10.100
!
ip dhcp pool vlan2
!
!
!
ip name-server 210.158.149.33
ip name-server 210.158.150.33
ip ddns update method ccp_ddns1
DDNS both
!
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
license udi pid CISCO892-K9 sn FGL153928B8
!
!
username ccpuser privilege 15 secret 5 $1$Zklk$gYdJlJmZmtKA7VK9UqZx8.
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
isdn termination multidrop
!
interface FastEthernet0
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet1
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet2
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet3
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet4
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet5
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet6
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet7
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet8
description Service Connection$ETH-WAN$
ip address 192.168.30.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0
description WAN$ETH-WAN$
ip address dhcp client-id GigabitEthernet0 hostname ai202-45-170-198.ccnet-ai.ne.jp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 192.168.10.1 255.255.255.0
!
router rip
version 2
passive-interface GigabitEthernet0
network 192.168.1.0
no auto-summary
!
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns server
ip dns spoofing 192.168.10.1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ipv6 ioam timestamp
!
!
access-list 191 remark permit DNS traffic
access-list 191 remark CCP_ACL Category=1
access-list 191 permit tcp any any eq domain
access-list 191 permit udp any any eq domain
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login local
transport input telnet
!
scheduler max-task-time 5000
!
end

thank you so much!

1 Accepted Solution

Accepted Solutions

Hi 

Please next time, just put the config in a text file and attach it to the post otherwise this post will be unreadble with lot of scrolling. 

Unless your isp requires a specific client-id and/or hostname, you can put only ip address dhcp under your gig0 interface. 

Can you check that you received an ip on your gig0 interface by issuing the following command:

sh ip int brief | i Gigabit 

If yes, can you paste the output of: 

Sh ip route 0.0.0.0

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

26 Replies 26

Francesco Molino
VIP Alumni
VIP Alumni

Hi 

First of all, does your gig0 get an IP from your isp? 

If yes, does your router can ping Google dns (8.8.8.8)?

Then to give internet access to Internet hosts in vlan 2, you need to do the following commands: 

interface vlan 2

  ip nat inside

!

ip nat inside source list NAT interface gig0 overload

!

ip access-list extended NAT

  deny ip 192.168.10.0 0.0.0.255 192.168.0.0 0.0.255.255

   permit 192.168.10.0 0.0.0.255 any

The first line in the ACL is to not nat traffic from your vlan 2 reaching any host within 192.168.0.0/16. I put that line as example top show you how to filter communications to not be natted.  

The last ACL line is to nat every remaining traffic sourced from 192.168.10.0/24.

Thanks

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

I have set my gb0 to dhcp and got hostname set from my ISP (ai202-45-170-198.ccnet-ai.ne.jp). I could not ping google and I have put your configuration, so the setup looks now like this:


version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SimpleActsRouter
!
boot-start-marker
boot-end-marker
!
!
no logging buffered
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 192.168.10.1 192.168.10.99
ip dhcp excluded-address 192.168.10.201 192.168.10.254
!
ip dhcp pool SA_Clients
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 192.168.10.100
!
ip dhcp pool vlan2
!
!
!
ip name-server 210.158.149.33
ip name-server 210.158.150.33
ip ddns update method ccp_ddns1
DDNS both
!
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
license udi pid CISCO892-K9 sn FGL153928B8
!
!
username ccpuser privilege 15 secret 5 $1$Zklk$gYdJlJmZmtKA7VK9UqZx8.
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
isdn termination multidrop
!
interface FastEthernet0
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet1
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet2
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet3
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet4
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet5
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet6
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet7
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet8
description Service Connection$ETH-WAN$
ip address 192.168.30.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0
description WAN$ETH-WAN$
ip address dhcp client-id GigabitEthernet0 hostname ai202-45-170-198.ccnet-ai.ne.jp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
router rip
version 2
passive-interface GigabitEthernet0
network 192.168.1.0
no auto-summary
!
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns server
ip dns spoofing 192.168.10.1
ip nat inside source list NAT interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ip access-list extended NAT
deny ip 192.168.10.0 0.0.0.255 192.168.0.0 0.0.255.255
permit ip 192.168.10.0 0.0.0.255 any
!
ipv6 ioam timestamp
!
!
access-list 191 remark permit DNS traffic
access-list 191 remark CCP_ACL Category=1
access-list 191 permit tcp any any eq domain
access-list 191 permit udp any any eq domain
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login local
transport input telnet
!
scheduler max-task-time 5000
!
end

Hi 

Please next time, just put the config in a text file and attach it to the post otherwise this post will be unreadble with lot of scrolling. 

Unless your isp requires a specific client-id and/or hostname, you can put only ip address dhcp under your gig0 interface. 

Can you check that you received an ip on your gig0 interface by issuing the following command:

sh ip int brief | i Gigabit 

If yes, can you paste the output of: 

Sh ip route 0.0.0.0

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

sh ip int brief | i Gigabit  shows the gb0 port unassigned. If this helps, this is the information I got from currently running router:

Old router config

Could you confirm that you connected g0 interface to your wan modem?

Is your modem in bridge? 

Is it an adsl that needs a user and password? 

Thanks


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

So the device is a simple cable modem:
Modem
Then I connect it to my gb0 port. As far as I know it did not need any password nor username. I will attach a configuration again here. (I tried to assign the old router's addresses too).

Hello,

what type/brand is the cable modem ? What type/brand was the original WiFi router you had attached to the cable modem ?

Is this output from the WiFi router ?

Old router config

Yes, this is the output from 192.168.10.1 wifi router (Aterm WR8165N). Cable modem is Synclayer CBC200J3.

Hello,

I have somewhat simplified the configuration. When you do a 'sh ip int brief', make sure your interface GigabitEthernet0 has a public IP address assigned.

Either way, try the config below (important parts are marked in bold):

version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SimpleActsRouter
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
!
ip dhcp excluded-address 192.168.10.1 192.168.10.99
ip dhcp excluded-address 192.168.10.201 192.168.10.254
!
ip dhcp pool SA_Clients
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8 8.8.4.4
!
ip name-server 210.158.149.33
ip name-server 210.158.150.33
ip ddns update method ccp_ddns1
DDNS both
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
license udi pid CISCO892-K9 sn FGL153928B8
!
username ccpuser privilege 15 secret 5 $1$Zklk$gYdJlJmZmtKA7VK9UqZx8.
!
redundancy
!
interface BRI0
no ip address
encapsulation hdlc
isdn termination multidrop
!
interface FastEthernet0
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet1
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet2
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet3
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet4
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet5
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet6
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet7
switchport access vlan 2
no ip address
speed 100
!
interface FastEthernet8
description Service Connection$ETH-WAN$
ip address 192.168.30.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0
description WAN$ETH-WAN$
ip address dhcp client-id GigabitEthernet0 hostname ai202-45-170-198.ccnet-ai.ne.jp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Vlan2
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip dns server
ip dns spoofing 192.168.10.1
ip nat inside source list 10 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
access-list 10 permit 192.168.10.0 0.0.0.255
!
ipv6 ioam timestamp
!
access-list 191 remark permit DNS traffic
access-list 191 remark CCP_ACL Category=1
access-list 191 permit tcp any any eq domain
access-list 191 permit udp any any eq domain
!
control-plane
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
line con 0
line aux 0
line vty 0 4
login local
transport input telnet
!
scheduler max-task-time 5000
!
end

So I have tried and the router still shows "no internet connection"

Here is the updated config again:

What is the output of:

show ip int brief

Here it is:

Hello,

your interface GigabitEthernet0, the one connected to the modem, is down/down, which means there is likely a physical problem with the cable. Check if you need a crossover cable.

Can you post the output of:

sh interfaces GigabitEthernet0

and

sh vlan (database)

Hold on, I did "show ip int brief" while the router was disconnected from the modem, since all network devices are under the desk, it is easier for me to work somewhere else. I will do that again with a modem connected to the router

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco