Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
995
Views
5
Helpful
5
Replies

Cisco C1121X-8PLTEP primary WAN cosmetic webui issue

Go to solution
juddcharles
Level 1
Level 1

‎02-06-2023 03:59 PM - last edited on ‎02-08-2023 10:19 PM by Community Manager

Hello

I'm a home/small office user with a cisco router C1121X-8PLTEP.

Problem: Primary WAN configuration in WebUi shows un-configured when I edit config via CLI and update the default route.

Interface GigabitEthernet0/0/1 is configured as the WAN interface and is connected via ethernet to a fibre to the curb modem.  GigabitEthernet0/0/1 gets its IP via DHCP from the modem.   This works ok.

When configuring the C1121X using the WebUi you can toggle the config for GigabitEthernet0/0/1 to be LAN or WAN.  

WebUi WAN configuration results in the Primary WAN being recognised as configured, and a default route that does not allow connectivity to the internet.

juddcharles_0-1675727002514.png

 

ip nat inside source route-map track-primary-if interface GigabitEthernet0/0/1 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/1

 

If I edit the configuration via CLI and modify the default route, then connection to the internet works OK, but the Primary WAN configuration status in the WebUi changes to not configured.

 

ip nat inside source route-map track-primary-if interface GigabitEthernet0/0/1 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/1 dhcp

 

juddcharles_1-1675727131441.png

This appears to be a cosmetic issue, but what might a different CLI configuration be that would allow me to keep the WebUi automatically created default route so the Primary WAN stays green?

Suggestions welcome.

juddcharles_2-1675727574523.png

 

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎02-07-2023 01:07 AM

This is an interesting situation. I do not have experience with this platform and do not have any suggestion of what you could do for a solution but believe that I can shed some light on the issue. A static route which specifies an outbound interface with no additional parameters can be problematic when the outbound interface is Ethernet. One of the potential issues is that this configuration requires that the router arp for every remote destination. This requires that the next hop device implements proxy arp. It sounds like your ISP does not support proxy arp (there are some ISP who do not support proxy arp because of the security implications and it seems that your ISP is one of them). Your manual config makes it work but the GUI does not recognize it. I would hope that Cisco would recognize the flaw in their GUI and change it.

HTH

Rick

View solution in original post

5 Replies 5

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎02-07-2023 01:07 AM

This is an interesting situation. I do not have experience with this platform and do not have any suggestion of what you could do for a solution but believe that I can shed some light on the issue. A static route which specifies an outbound interface with no additional parameters can be problematic when the outbound interface is Ethernet. One of the potential issues is that this configuration requires that the router arp for every remote destination. This requires that the next hop device implements proxy arp. It sounds like your ISP does not support proxy arp (there are some ISP who do not support proxy arp because of the security implications and it seems that your ISP is one of them). Your manual config makes it work but the GUI does not recognize it. I would hope that Cisco would recognize the flaw in their GUI and change it.

HTH

Rick

Go to solution
juddcharles
Level 1
Level 1
In response to Richard Burts

‎02-08-2023 03:11 PM

Thanks Richard,  The answer does not resolve the issue, but your guidance is appreciated.

There is a new version of the ios available, I'll make plans to update soon and see if that fixes the webgui issue.  If it does I'll report back here.

0 Helpful

Go to solution
charlesnorris
Level 1
Level 1

‎04-20-2023 11:31 PM

@juddcharles  I have a cisco C1111-4P ISR and have experienced the same.  I tried adding the upstream gateway as the next hop

charlesnorris_0-1682058446700.png

 

0 Helpful

Go to solution
juddcharles
Level 1
Level 1
In response to charlesnorris

‎04-20-2023 11:51 PM - edited ‎04-20-2023 11:56 PM

I think the secret to this problem is understanding what the status WAN check is actually looking for before it will go green.  i don't know the answer to this.

I never did get this cosmetic problem resolved.

When making changes to the router, I try to avoid using the web gui now as I simply don't trust it.

Using the web gui also seems to make a mess of zone based firewall application/layer 7 inspection rules. 

i.e.: if editing interface  GigabitEthernet0/0/1 using the web gui and saving the changes, my preferred default route get's over written and i loose WAN connectivity again.  If I add "block youtube" as an application block, remove the change, then re-add I get odd behaviour or missing nbar entry error messages thrown up, but I can see the entry in the nbar list.

I'm not convinced this is a mature product for small business (when using the web gui).  I like what is offers.  but it is not well or robustly executed.

I've resigned myself to just using the CLI for config management.  Time consuming but reliable.

Using the CLI for all configuration has been bullet proof.

0 Helpful

Go to solution
charlesnorris
Level 1
Level 1
In response to juddcharles

‎04-22-2023 01:52 AM

Cheers. Agree the webgui is somewhat of a blunt instrument
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card