03-23-2021 02:14 PM
Quick question,
how do I configure this 4-port gig expansion card on my Cisco ISR 1921 for vlan traffic?
Compared to the two normal interfaces where I can just do g0/1.1 or g0/1.2 etc... then bam you got it going.
Solved! Go to Solution.
03-23-2021 04:01 PM
there is no route required if you have NAT outside to inside.
example :
209.165.100.5 - outside
192.168.1.1 - inside
Static NAT or port forward required.
209.165.100.5 - outside
the provider gave you some public IP range to use - then you can assign inside hosts
03-23-2021 02:39 PM
That is just an extension of the interface, depends on the module installed on the slow, just like any other interface configuration :
here is a reference guide :
03-23-2021 03:31 PM
Alright thank you,
one more question, completely different but routing related.
I can get routing to each interface easy with NAT but how do I do it without NAT?
For example, below. How do I route traffic between the outside interface and the inside without using NAT? I have a default route out and the outside interface is being assigned an IP address from the modem. I want to get internet going through it?
Interface G0/0
ip address dhcp
description outside-to-modem
Interface G0/1
ip address 192.168.100.1/24
description inside-to-computer
ip route 0.0.0.0 0.0.0.0 10.0.01
03-23-2021 03:41 PM
if your internal IP address space, not a Public routable IP it is not possible, the only option is NAT.
03-23-2021 03:44 PM
This makes a lot more since why it won't work lol. So lets say my public IP on the outside interface was 209.165.100.5 what would be the routes needed to make this work? Just the default?
03-23-2021 04:01 PM
there is no route required if you have NAT outside to inside.
example :
209.165.100.5 - outside
192.168.1.1 - inside
Static NAT or port forward required.
209.165.100.5 - outside
the provider gave you some public IP range to use - then you can assign inside hosts
03-24-2021 01:16 AM
Hello,
keep in mind that in order to have hosts connected to the EHWIC-4ESG to be able to talk to other (inside/outside) hosts, you need to create an SVI. Also, since you are getting a DHCP IP address from the modem, the static route should reflect that.
What you are doing is called double NAT. The 1941 does NAT, and the modem does, too. This can sometimes cause problems with things like playing online games, opening a specific service port, connecting to a VPN tunnel, or visiting secure sites with SSL. If you are experiencing any of these problems, you need to configure your modem to NAT the additional networks (whether your modem lets you do that depends on the type of modem you use).
Either way, below is what the entire configuration could look like. The host connected to the EHWIC-4ESG is member of Vlan 20 (important parts marked in bold
Current configuration : 1320 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname 1941
!
ip dhcp excluded-address 192.168.10.1
ip dhcp excluded-address 192.168.20.1
ip dhcp excluded-address 192.168.100.1
!
ip dhcp pool VLAN10
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8 4.2.2.2
!
ip dhcp pool VLAN20
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8 4.2.2.2
!
ip dhcp pool LAN
network 192.168.100.0 255.255.255.0
default-router 192.168.100.1
dns-server 8.8.8.8 4.2.2.2
!
ip cef
no ipv6 cef
!
license udi pid CISCO1941/K9 sn FTX1524J802-
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
description outside-to-modem
ip address dhcp
!
interface GigabitEthernet0/1
description inside-to-computer
ip address 192.168.100.1 255.255.255.0
!
interface GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/1/0
description EHWIC-4ESG Port
switchport access vlan 20
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface FastEthernet0/1/1
description EHWIC-4ESG Port
switchport mode access
!
interface FastEthernet0/1/2
description EHWIC-4ESG Port
switchport mode access
!
interface FastEthernet0/1/3
description EHWIC-4ESG Port
switchport mode access
!
interface Vlan1
no ip address
shutdown
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
!
ip classless
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
ip flow-export version 9
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide