Solved: Re: Cisco ISR 1100-Series configuration issues

Hevos93 · ‎03-18-2024

Hello all!

A small disclamer here, i am completely new to the cisco environment. And therefore this is my first ever configuration to a cisco router. The router is a ISR-1100 series.

I have tried following the start guides and basic configuration, but after a day of it working, it stopped. The symptoms then were that i could not access the WebUI for the router, but i could browse the web. So i copied the running-config to the startup-config, but when i rebooted i lost all internet access.

I am not sure what went wrong, as i have configured both NAT and access lists as the forum and guides instructed me to do. But i suspect that i have did something fundamentally wrong.

Attached is the running configuration for the router, i have redacted a few things, but everything is there.

The plan for the router is to be the new home router, as well as the gateway to my lab. Therefor you will se alot of VLANs in the configuration. For context, 10.3.1.0 is the "home" network and everything else is there to support the lab, the subnets align with the vlan tags (vlan 310 -> 10.3.10.0 etc).

This router is placed behind two routers at the moment, the first one is my landlords, and the second one is my main router at the moment. My own router has the subnet 192.168.50.0/24 and my landlords has 192.168.1.0/24 (but it is not connected to that directly at this point, though it will in the future as i replace my main router).

Since the router is behind some routers i tried to create a static route, and it worked for a while, but then it stopped. The configuration has been very unstable, and i do not know what to try next.

I do realize i may have bit off more than i can chew as i started with all the vlans at once, but at least i tried.

PS: As i looked through the configuration, it seems like the WebUI has added alot of lines, and i do not know what they do as i only saw them now.

Hevos93 · ‎05-26-2024

I ended up resetting the router and configuring it again.

The things i presume i messed up the first time was not setting routes properly, and looking more into access lists. That was key to configure this router properly.

View solution in original post

Richard Pidcock · ‎03-19-2024

I think you may need the following:

"track 1 ip sla 1 reachability"
Also I see that you have 3 default routes; I would consider taking it down to a single default route just to regain connectivity and then build from there (i.e. add you alternate default with SLA tracking).

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
ip route 0.0.0.0 0.0.0.0 192.168.50.1
ip route 0.0.0.0 0.0.0.0 Cellular0/2/0 253

Richard W. Pidcock

Richard Burts · ‎03-19-2024

I agree with @Richard Pidcock that you might want to change some things in the static default routes. I am especially wondering about having 2 static default routes with default AD. The default route using Ce0/2/0 with AD 253 is clearly used for failover. But the default route using G0/0/0 and 192.168.50.1 will be used equally for load sharing/balancing. I am not sure that is what you intended.

I also note an issue in the route maps that you use for NAT. You have configured one match statement and one set statement. When using a route map for NAT you need to use a match statement for the interface and not a set statement.

If there is still a problem perhaps you can provide some additional information, starting with the output of these commands

show ip interface brief

show ip route

show arp

HTH

Rick

liviu.gheorghe · ‎03-19-2024

@Richard Burts wrote:

I agree with @Richard Pidcock that you might want to change some things in the static default routes. I am especially wondering about having 2 static default routes with default AD. The default route using Ce0/2/0 with AD 253 is clearly used for failover. But the default route using G0/0/0 and 192.168.50.1 will be used equally for load sharing/balancing. I am not sure that is what you intended.

I disagree with the last statement - default route through connected interface will be seen as connected AD 0 versus default route through next hop IP address which has an AD of 1. You will only have the default route through connected interface in the routing table - that is the reason I asked about multiple next hops on the connected LAN.

Regards, LG
*** Please Rate All Helpful Responses ***

Richard Burts · ‎03-19-2024

LG Thanks for pointing out a flaw in my logic. Your point is valid that the three routes would have different levels of preference and so there could be multiple stages of failover.

HTH

Rick

liviu.gheorghe · ‎03-19-2024

Hello @Hevos93 ,

I'm curious about the first defaul route in your configuration

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0 track 1

This kind of static route configured through an interface relies on proxy-arp enabled on other routers present on the lan segment. If proxy-arp is disabled from the next hop router, your default route will not work.

Do you have more than 1 possible next-hops for the default route on the 192.168.50.0/24 lan segment?

If only one next-hop for the default route exists, I would leave only the ip route 0.0.0.0 0.0.0.0 192.168.50.1 track 1 default route.

In rest, NAT seems to be ok configured. It should work.

Hope this helps.

Regards, LG
*** Please Rate All Helpful Responses ***

Hevos93 · ‎05-26-2024

I ended up resetting the router and configuring it again.

The things i presume i messed up the first time was not setting routes properly, and looking more into access lists. That was key to configure this router properly.

Richard Burts · ‎05-26-2024

Thanks for the update. Sometimes starting over from the beginning is the best way to solve an issue.

HTH

Rick