Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1101
Views
15
Helpful
6
Replies

Computer cannot connect to the internet, however router can

Go to solution
Jasonsp
Level 1
Level 1

‎08-18-2020 06:26 PM - edited ‎08-18-2020 06:33 PM

Hello Everyone

I am building a home lab to practice on real equipment for Exams. I have gone through some sites trying to find a solution to my problem, but I am falling short.

Any help would be greatly appreciated. 

 

Router show run

Building configuration...

Current configuration : 1549 bytes
!
! Last configuration change at 01:05:40 UTC Wed Aug 19 2020
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.0.1.1 10.0.1.10
!
ip dhcp pool PC NETWORK
network 10.0.1.0 255.255.255.0
default-router 10.0.1.1
dns-server 8.8.8.8 8.8.8.4
!
!
!
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
cts logging verbose
!
!
license udi pid CISCO1921/K9 sn FGL220790TL
!
!
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description INTERNET
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.10
description PC NETWORK
encapsulation dot1Q 10 native
ip address 10.0.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 100 interface GigabitEthernet0/1.10 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
!
!
access-list 100 permit ip 10.0.1.0 0.0.0.255 any
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input none
!
scheduler allocate 20000 1000
!
end

 

Router show ip interface brief

Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 10.0.0.220 YES DHCP up up
GigabitEthernet0/1 unassigned YES NVRAM up up
GigabitEthernet0/1.10 10.0.1.1 YES NVRAM up up
NVI0 unassigned YES unset administratively down down

 

Switch show run

Building configuration...

Current configuration : 1348 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
system mtu routing 1500
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 10.0.1.2 255.255.255.0
!
no ip http server
no ip http secure-server
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Jasonsp

‎08-18-2020 11:46 PM

Hello @Jasonsp ,

on the the router you have configured

 

ip nat inside source list 100 interface GigabitEthernet0/1.10 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp

 

the nat statement must refer to the external interface the one with the ip nat outside statement

so the following changes:

Router:

config t

no ip nat inside source list 100 interface GigabitEthernet0/1.10 overload

ip nat inside source list 100 interface GigabitEthernet0/0 overload

 

Hope to help

Giuseppe

 

View solution in original post

Go to solution
Christopher Hart
Cisco Employee
Cisco Employee
In response to Jasonsp

‎08-19-2020 04:42 AM

Hi Jason,

My apologies for misleading you - you are correct, if you have VLAN 10 set as the native VLAN on your router's subinterface, then there is no need to place any access switchports in VLAN 10 on the switch.

With that being said, I would recommend that you either remove the native VLAN setting on the router's subinterface, or explicitly add it as the native VLAN on your switch's trunk and explicitly place access switchports in VLAN 10. With your current configuration, packets in VLAN 1 on the switch turn into packets in VLAN 10 on the router. While there's nothing inherently wrong with that, it can be a bit more difficult to troubleshoot.

I believe @Giuseppe Larosa's answer is correct - I missed that your NAT/PAT statement is pointing towards the inside interface, not the outside interface. As Giuseppe explained, you will need to modify this configuration such that the outside NAT interface is overloaded instead of the inside interface.

Thank you!

-Christopher

View solution in original post

6 Replies 6

Go to solution
Christopher Hart
Cisco Employee
Cisco Employee

‎08-18-2020 06:45 PM

Hi Jason!

From a quick glance at your switch's configuration, it doesn't look like there are any access switchports configured for VLAN 10.

Can you confirm what specific interface on your switch you have a client (such as a PC, server, etc. that you would like to connect to the Internet) connected to?

Can you also verify that this interface is configured to be an access switchport (via the switchport mode access command) in VLAN 10 (via the switchport access vlan 10 command)?

Thank you!

-Christopher

0 Helpful

Go to solution
Jasonsp
Level 1
Level 1
In response to Christopher Hart

‎08-18-2020 07:33 PM - edited ‎08-18-2020 07:41 PM

Hello Christopher,

 

 

If you configured the router gig0/1.10 as encapsulation dot1q 10 native, do you still need to do switchport mode access?

The computer is connect to gig 0/2 on the switch.

 

Thank you

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Jasonsp

‎08-18-2020 11:46 PM

Hello @Jasonsp ,

on the the router you have configured

 

ip nat inside source list 100 interface GigabitEthernet0/1.10 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp

 

the nat statement must refer to the external interface the one with the ip nat outside statement

so the following changes:

Router:

config t

no ip nat inside source list 100 interface GigabitEthernet0/1.10 overload

ip nat inside source list 100 interface GigabitEthernet0/0 overload

 

Hope to help

Giuseppe

 

Go to solution
Jasonsp
Level 1
Level 1
In response to Giuseppe Larosa

‎08-19-2020 02:49 PM

Thank you

 

I have been racking my brain on why this hasn't been working and it turns out I put in the wrong port. 

 

I cannot thank you enough.

0 Helpful

Go to solution
Christopher Hart
Cisco Employee
Cisco Employee
In response to Jasonsp

‎08-19-2020 04:42 AM

Hi Jason,

My apologies for misleading you - you are correct, if you have VLAN 10 set as the native VLAN on your router's subinterface, then there is no need to place any access switchports in VLAN 10 on the switch.

With that being said, I would recommend that you either remove the native VLAN setting on the router's subinterface, or explicitly add it as the native VLAN on your switch's trunk and explicitly place access switchports in VLAN 10. With your current configuration, packets in VLAN 1 on the switch turn into packets in VLAN 10 on the router. While there's nothing inherently wrong with that, it can be a bit more difficult to troubleshoot.

I believe @Giuseppe Larosa's answer is correct - I missed that your NAT/PAT statement is pointing towards the inside interface, not the outside interface. As Giuseppe explained, you will need to modify this configuration such that the outside NAT interface is overloaded instead of the inside interface.

Thank you!

-Christopher

Go to solution
Jasonsp
Level 1
Level 1
In response to Christopher Hart

‎08-19-2020 02:53 PM

I did some looking into whether to change it back and do switchport mode access instead of having it as a native. Seems its better to just do switchport mode access, than naming something other than Vlan1 as native/default. For example CDP will always go over Vlan1 whether its the default or not, if its not the default then CDP still uses Vlan1, it just turns into tagged traffic.

 

I will be switching back to having Vlan1 as native, and just doing switchport mode access on devices on Vlan 10.

 

Thank You for your help Christopher.

I very much appreciate it.

0 Helpful
Customers Also Viewed These Support Documents