11-30-2013 12:17 PM - edited 03-04-2019 09:43 PM
Hi everyone - thanks for taking time to help me out. First off - I am a complete and total noob, I know how to access the command line through telnet and issue show running_config. Beyond that, please understand that I don't know much.
A school I work for has paid for a new ethernet internet service, to replace a T1 line. Right now both services are operational. The T1 is running though a Cisco 1841 router on the serial0/0/0 interface. The ethernet connection comes from a gateway(or modem or router, anyway, a box that was supplied by the ISP) and probably should end up in fastethernet0/1 since fastethernet0/0 is being used to connect to the switch. The IP information supplied by the new ISP is as follows:
Static ip settings:
***.***.94.86 | IP Address |
255.255.255.252 | Subnet Mask |
***.***.94.85 | Gateway |
64.16.28.2 | DNS1 |
137.118.1.33 | DNS2 |
Below is our current config: 99% of this was created by someone no longer working for the school and 1% is my messing around to try to make this work. PLEASE BE KIND - I know it's a mess, please help me clean it up.
What can I do to get the ethernet internet distributed through the 1841 to the school while keeping the same functionality as before? The way it is now, we are not getting any kind of connection to the new ISP, only from the AT&T T1 line.
Running_config:
IRAH#show running-config
Building configuration...
Current configuration : 4510 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname IRAH
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 ***********************************
!
no aaa new-model
!
resource policy
!
clock timezone PCTime -7
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1
!
ip dhcp pool sdm-pool1
import all
network 192.168.0.0 255.255.255.0
dns-server 192.168.0.5 8.8.8.8
default-router 192.168.0.1
!
!
no ip bootp server
ip domain name irah.com
ip name-server 192.168.0.5
ip name-server 8.8.8.8
!
username administrator privilege 15 secret 5 **********************************
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE$
ip address 192.168.0.1 255.255.255.0
no ip proxy-arp
ip nat inside
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
description GRTI Ethernet
ip address ***.***.94.86 255.255.255.252
ip access-group 110 out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface Serial0/0/0
description AT&T Internet
ip address ***.***.145.22 255.255.255.252
ip access-group 110 out
ip nat outside
encapsulation ppp
ip route-cache flow
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Serial0/0/0 overload
ip nat inside source list 11 interface Serial0/0/0 overload
ip nat inside source static 192.168.0.5 ***.***.145.115
ip nat inside source static 192.168.0.6 ***.***.145.116
ip nat inside source static 192.168.0.7 ***.***.145.117
!
logging trap debugging
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 110 permit ip any any
access-list 110 permit tcp any any eq www
access-list 110 permit tcp any any eq ftp
access-list 110 permit tcp any any eq pop3
access-list 110 permit tcp any any eq echo
access-list 110 permit tcp any any eq smtp
access-list 110 permit tcp any any eq domain
access-list 110 permit tcp any any eq 3389
access-list 110 permit udp any any eq echo
access-list 110 permit udp any any eq tftp
access-list 110 permit udp any any eq domain
access-list 110 permit tcp host ***.***.145.125 any
access-list 110 permit udp host ***.***.145.125 any
access-list 110 permit tcp host ***.***.145.116 eq www any
access-list 110 permit tcp host ***.***.145.116 eq ftp any
access-list 110 permit tcp host ***.***.145.116 eq ftp-data any
access-list 110 permit tcp host ***.***.145.116 eq 3389 any
access-list 110 permit tcp host ***.***.145.116 eq smtp any
access-list 110 permit tcp host ***.***.145.117 eq 3389 any
access-list 110 permit tcp host ***.***.145.115 eq 3389 any
access-list 110 permit tcp host ***.***.145.115 eq 3389 0.0.0.5 255.255.255.0
no cdp run
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet
line vty 5 15
privilege level 15
login local
transport input telnet
!
scheduler allocate 4000 1000
end
Solved! Go to Solution.
12-17-2013 11:38 AM
I am glad that it is working now and that the problem turned out to be a configuration issue on the ISP side. Thank you for posting back to the forum to update us and let us know that it is working now. Thank you for using the rating system to mark this question as answered.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide