Solved: EHWIC 4ESG

Senbonzakura · ‎03-23-2021

Quick question,

how do I configure this 4-port gig expansion card on my Cisco ISR 1921 for vlan traffic?

Compared to the two normal interfaces where I can just do g0/1.1 or g0/1.2 etc... then bam you got it going.

balaji.bandi · ‎03-23-2021

there is no route required if you have NAT outside to inside.

example :

209.165.100.5 - outside

192.168.1.1 - inside

Static NAT or port forward required.

209.165.100.5 - outside

the provider gave you some public IP range to use - then you can assign inside hosts

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

balaji.bandi · ‎03-23-2021

That is just an extension of the interface, depends on the module installed on the slow, just like any other interface configuration :

here is a reference guide :

https://www.cisco.com/c/en/us/td/docs/routers/access/interfaces/software/feature/guide/geshwic_cfg.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Senbonzakura · ‎03-23-2021

Alright thank you,

one more question, completely different but routing related.

I can get routing to each interface easy with NAT but how do I do it without NAT?

For example, below. How do I route traffic between the outside interface and the inside without using NAT? I have a default route out and the outside interface is being assigned an IP address from the modem. I want to get internet going through it?

Interface G0/0

ip address dhcp

description outside-to-modem

Interface G0/1

ip address 192.168.100.1/24

description inside-to-computer

ip route 0.0.0.0 0.0.0.0 10.0.01

balaji.bandi · ‎03-23-2021

if your internal IP address space, not a Public routable IP it is not possible, the only option is NAT.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Senbonzakura · ‎03-23-2021

This makes a lot more since why it won't work lol. So lets say my public IP on the outside interface was 209.165.100.5 what would be the routes needed to make this work? Just the default?

balaji.bandi · ‎03-23-2021

there is no route required if you have NAT outside to inside.

example :

209.165.100.5 - outside

192.168.1.1 - inside

Static NAT or port forward required.

209.165.100.5 - outside

the provider gave you some public IP range to use - then you can assign inside hosts

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎03-24-2021

Hello,

keep in mind that in order to have hosts connected to the EHWIC-4ESG to be able to talk to other (inside/outside) hosts, you need to create an SVI. Also, since you are getting a DHCP IP address from the modem, the static route should reflect that.

What you are doing is called double NAT. The 1941 does NAT, and the modem does, too. This can sometimes cause problems with things like playing online games, opening a specific service port, connecting to a VPN tunnel, or visiting secure sites with SSL. If you are experiencing any of these problems, you need to configure your modem to NAT the additional networks (whether your modem lets you do that depends on the type of modem you use).

Either way, below is what the entire configuration could look like. The host connected to the EHWIC-4ESG is member of Vlan 20 (important parts marked in bold

Current configuration : 1320 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname 1941
!
ip dhcp excluded-address 192.168.10.1
ip dhcp excluded-address 192.168.20.1
ip dhcp excluded-address 192.168.100.1
!
ip dhcp pool VLAN10
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8 4.2.2.2
!
ip dhcp pool VLAN20
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8 4.2.2.2
!
ip dhcp pool LAN
network 192.168.100.0 255.255.255.0
default-router 192.168.100.1
dns-server 8.8.8.8 4.2.2.2
!
ip cef
no ipv6 cef
!
license udi pid CISCO1941/K9 sn FTX1524J802-
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
description outside-to-modem
ip address dhcp
!
interface GigabitEthernet0/1
description inside-to-computer
ip address 192.168.100.1 255.255.255.0
!
interface GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/1/0
description EHWIC-4ESG Port
switchport access vlan 20
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface FastEthernet0/1/1
description EHWIC-4ESG Port
switchport mode access
!
interface FastEthernet0/1/2
description EHWIC-4ESG Port
switchport mode access
!
interface FastEthernet0/1/3
description EHWIC-4ESG Port
switchport mode access
!
interface Vlan1
no ip address
shutdown
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
!
ip classless
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
access-list 1 permit 192.168.0.0 0.0.255.255
!
ip flow-export version 9
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
end