Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1584
Views
0
Helpful
1
Replies

Configuring cisco 1921

Go to solution
Philipvanbeeck
Level 1
Level 1

‎08-22-2011 10:58 AM - edited ‎03-04-2019 01:21 PM

Hi,

I'm trying to configure a cisco 1921 with our new provider and I am having some problems. With the config below I can ping hosts from the router, but not from the private ip's. The info I got from the ISP:

wan route: x.x.x.220/30
isp ip address: x.x.x.221
customer ip address: x.x.x.222
public ip's: y.y.y.224/29

Any help would be appreciated.

Philip


Building configuration...

Current configuration : 4449 bytes
!
version 15.1
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service udp-small-servers
service tcp-small-servers
service sequence-numbers
!
hostname cisco1921
!
boot-start-marker
boot-end-marker
!
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
!
!
no ipv6 cef
ip source-route
ip gratuitous-arps
ip cef
!
ip name-server 195.130.131.11
!
multilink bundle-name authenticated
!
redundancy
!
ip finger
ip tcp synwait-time 10
no ip ftp passive
!
interface Embedded-Service-Engine0/0
no ip address
ip mask-reply
ip directed-broadcast
ip flow ingress
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$FW_INSIDE$
ip address 192.168.0.3 255.255.255.0
ip mask-reply
ip directed-broadcast
ip flow ingress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description $ETH-WAN$$FW_OUTSIDE$
ip address x.x.x.222 255.255.255.252
ip mask-reply
ip directed-broadcast
ip flow ingress
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
ip default-gateway x.x.x.221
ip forward-protocol nd
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 x.x.x.221
ip identd
!
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.0.0 0.0.0.255
access-list 2 deny any
!
no cdp run
!
control-plane
!
end

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame

‎08-22-2011 11:33 AM

public ip's: y.y.y.224/29 are assigned for your hosts and you haven't done so in your router configuration.

The easiest approach is configuring nat pools

For instance:

ip nat pool NETPRO y.y.y.y.201 y.y.y.206 netmask 255.255.255.248

ip nat inside source list 1 pool NETPRO

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 192.168.0.0 0.0.0.255

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame

‎08-22-2011 11:33 AM

public ip's: y.y.y.224/29 are assigned for your hosts and you haven't done so in your router configuration.

The easiest approach is configuring nat pools

For instance:

ip nat pool NETPRO y.y.y.y.201 y.y.y.206 netmask 255.255.255.248

ip nat inside source list 1 pool NETPRO

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 192.168.0.0 0.0.0.255

0 Helpful
Customers Also Viewed These Support Documents