Solved: Connection Cisco 2811 to internet (with dhcp ip from ISP)

skylunous · ‎07-08-2018

Good evening.

I just got a Cisco 2811 router and is trying to use it as a plain router for now. (Such as linksys)

Since my ISP is giving me address by DHCP.

I'm trying to connect FastEthernet0/0 by dhcp to the ISP

and setup NAT and DHCP on FastEthernet0/1 to give internet connections to each clients in LAN.

I think the DHCP setup was done and running.

But the NAT and ip routing seems to be some trouble.

I can't get clients in the LAN to connect to the internet.

P.S: The connection from the ISP comes out as RJ-45 Ethernetcable with DHCP.

So if it were other routers, I just plug it in and the setup would be done.

Here's my setup:

Current configuration : 1492 bytes
!
! Last configuration change at 03:15:17 UTC Fri Jan 7 2000
!
version 15.1
service config
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname EIA-SERVICE
!
boot-start-marker
boot-end-marker
!
enable secret 5 (my secret)
enable password (my password)
!
no aaa new-model
!
!
dot11 syslog
ip source-route
no ip routing
!
!
no ip cef
ip dhcp excluded-address 100.100.0.254
!
ip dhcp pool service
   network 100.100.0.0 255.255.255.0
   default-router 100.100.0.254
   dns-server 168.126.63.1 168.126.63.2
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
license udi pid CISCO2811 sn FHK1221F4K5
!
redundancy
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address dhcp
 ip nat outside
 ip nat enable
 ip virtual-reassembly
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 100.100.0.254 255.255.255.0
 ip nat inside
 ip nat enable
 ip virtual-reassembly
 no ip route-cache
 duplex half
 speed auto
 no mop enabled
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
access-list 1 permit 100.100.0.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password (my password)
 login
 transport input all
!
scheduler allocate 20000 1000
end

My interfaces are like the following

EIA-SERVICE#sh int
FastEthernet0/0 is up, line protocol is up
  Hardware is MV96340 Ethernet, address is 001d.70a1.e330 (bia 001d.70a1.e330)
  Internet address is 14.53.252.222/24
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:03, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/53/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 7000 bits/sec, 16 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     1323088 packets input, 79510587 bytes
     Received 1292581 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 2 throttles
     93 input errors, 0 CRC, 0 frame, 0 overrun, 93 ignored
     0 watchdog
     0 input packets with dribble condition detected
     36022 packets output, 2632208 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     1228135 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
FastEthernet0/1 is up, line protocol is up
  Hardware is MV96340 Ethernet, address is 001d.70a1.e331 (bia 001d.70a1.e331)
  Internet address is 100.100.0.254/24
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Half-duplex, 100Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:02, output 00:00:02, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 1000 bits/sec, 2 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     40603 packets input, 4760800 bytes
     Received 20170 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     3 input errors, 0 CRC, 3 frame, 0 overrun, 0 ignored
     0 watchdog
     0 input packets with dribble condition detected
     8797 packets output, 876205 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     1420 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
NVI0 is up, line protocol is up
  Hardware is NVI
  Interface is unnumbered. Using address of FastEthernet0/0 (14.53.252.222)
  MTU 1514 bytes, BW 56 Kbit/sec, DLY 5000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation UNKNOWN, loopback not set
  Keepalive set (10 sec)
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out

And, my ip route shows nothing.

EIA-SERVICE#sh ip route
Default gateway is 14.53.252.254

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty

With regeards,

Thank you for your help in advance

Georg Pauwen · ‎07-08-2018

Hello,

in addition to the other post, you also have 'ip routing' disabled. Change 'no ip routing' to 'ip routing'.

Below is the revised config (changes marked in bold):

Current configuration : 1492 bytes
!
! Last configuration change at 03:15:17 UTC Fri Jan 7 2000
!
version 15.1
service config
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname EIA-SERVICE
!
boot-start-marker
boot-end-marker
!
enable secret 5 (my secret)
enable password (my password)
!
no aaa new-model
!
dot11 syslog
ip source-route
--> ip routing
!
no ip cef
ip dhcp excluded-address 100.100.0.254
!
ip dhcp pool service
network 100.100.0.0 255.255.255.0
default-router 100.100.0.254
dns-server 168.126.63.1 168.126.63.2
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
voice-card 0
!
license udi pid CISCO2811 sn FHK1221F4K5
!
redundancy
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
--> no ip nat enable
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 100.100.0.254 255.255.255.0
ip nat inside
--> no ip nat enable
ip virtual-reassembly
no ip route-cache
duplex half
speed auto
no mop enabled
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface FastEthernet0/0 overload
--> ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp
!
access-list 1 permit 100.100.0.0 0.0.0.255
!
control-plane
!
line con 0
line aux 0
line vty 0 4
password (my password)
login
transport input all
!
scheduler allocate 20000 1000
end

View solution in original post

a.alekseev · ‎07-08-2018

Remove "ip nat enable" from both interfaces

After that check your internet connection
Sh ip route
Sh ip nat translation

skylunous · ‎07-08-2018

Done, and checked! (other settings are the same)

interface FastEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 100.100.0.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 duplex half
 speed auto
 no mop enabled

EIA-SERVICE#sh ip route
Default gateway is 14.53.252.254

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty

EIA-SERVICE#sh ip nat translation

EIA-SERVICE#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address          Client-ID/              Lease expiration        Type
                    Hardware address/
                    User name
100.100.0.3         0100.606e.b2cf.0d       Jan 08 2000 05:12 AM    Automatic

Still doesn't work for some reason.

I've checked the DHCP binding also, just in case I left something missing.

Any chance that static route may cause problem.?

And also, surprised to see no NAT translation at all...

I'll keep tinkering.

With regards. Thank you

P.S:As I went through, I also noticed the clock was wrong.

It is now fixed it by the way. But still wasn't the cause of the problem.

a.alekseev · ‎07-08-2018

conf t
ip routing

Georg Pauwen · ‎07-08-2018

Hello,

in addition to the other post, you also have 'ip routing' disabled. Change 'no ip routing' to 'ip routing'.

Below is the revised config (changes marked in bold):

Current configuration : 1492 bytes
!
! Last configuration change at 03:15:17 UTC Fri Jan 7 2000
!
version 15.1
service config
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname EIA-SERVICE
!
boot-start-marker
boot-end-marker
!
enable secret 5 (my secret)
enable password (my password)
!
no aaa new-model
!
dot11 syslog
ip source-route
--> ip routing
!
no ip cef
ip dhcp excluded-address 100.100.0.254
!
ip dhcp pool service
network 100.100.0.0 255.255.255.0
default-router 100.100.0.254
dns-server 168.126.63.1 168.126.63.2
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
voice-card 0
!
license udi pid CISCO2811 sn FHK1221F4K5
!
redundancy
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
--> no ip nat enable
ip virtual-reassembly
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 100.100.0.254 255.255.255.0
ip nat inside
--> no ip nat enable
ip virtual-reassembly
no ip route-cache
duplex half
speed auto
no mop enabled
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface FastEthernet0/0 overload
--> ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp
!
access-list 1 permit 100.100.0.0 0.0.0.255
!
control-plane
!
line con 0
line aux 0
line vty 0 4
password (my password)
login
transport input all
!
scheduler allocate 20000 1000
end

skylunous · ‎07-09-2018

Current configuration : 1460 bytes
!
! Last configuration change at 16:19:54 UTC Mon Jul 9 2018
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname EIA-SERVICE
!
boot-start-marker
boot-end-marker
!
enable secret 5 (my secret)
enable password (my password)
!
no aaa new-model
!
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 100.100.0.254
ip dhcp excluded-address 100.100.0.1
!
ip dhcp pool service
   network 100.100.0.0 255.255.255.0
   default-router 100.100.0.254
   dns-server 168.126.63.1 168.126.63.2
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
license udi pid CISCO2811 sn FHK1221F4K5
!
redundancy
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 100.100.0.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex half
 speed auto
 no mop enabled
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp
!
access-list 1 permit 100.100.0.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password (my password)
 login
 transport input all
!
scheduler allocate 20000 1000
ntp server 203.254.163.74
end

Oh yeah, it's back on the track.

Thank you for all of your helps.