Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
744
Views
0
Helpful
6
Replies

Help with routing.

Ray
Level 1
Level 1

‎05-29-2017 12:25 PM - edited ‎03-05-2019 08:37 AM

Hello everyone. I'm trying to get the routing correct on a cisco router that connects to a ubee cable modem. Basically, the cable modem has an internal ip of 192.168.0.1. The cisco routers wan interface is 192.168.0.250, and it's vlan's gateway  is 192.168.5.1. Machine's on the 192.168.5.x network can ping the 0.1 interface, but, they cannot get out to the internet. The route on the cisco router is a default 0.0.0.0 (which I think is all I need). On the UBEE Cable modem, there's no way to see the routes. Any ideas? I've not messed with routing in a very long time, and I know I'm missing something, but I'm under the gun to get this running, and I'm absolutely clueless. Any help and education is extremely appreciated.

Labels:
0 Helpful
6 Replies 6

Julio E. Moisa
VIP Alumni
VIP Alumni

‎05-29-2017 12:37 PM

Hi

Have you configured a NAT on the router?

Your config could be:

interface fa0/0
ip add 192.168.0.250 255.255.255.0
ip nat outside
no shut

interface fa0/1
ip add 192.168.5.1 255.255.255.0
ip nat inside
no shut

ip access-list standard PRIVATE-NETS
permit ip 192.168.5.0 0.0.0.255

ip nat inside source list  PRIVATE-NETS interface fa0/0 overload

ip route 0.0.0.0 0.0.0.0 192.168.0.1 name INTERNET




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Ray
Level 1
Level 1
In response to Julio E. Moisa

‎05-29-2017 12:37 PM

Hi Julio,

nat is enabled on the 192.168.0.250 interface (Wan gigabit ethernet 0), it is also enabled on the ubee modem. Is that what you need?

0 Helpful

Julio E. Moisa
VIP Alumni
VIP Alumni
In response to Ray

‎05-29-2017 12:41 PM

Hi Ray, 

Please compare my configuration with your, (the interface could be different but the essential is there)

Could you please share the config of the router?




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Ray
Level 1
Level 1
In response to Julio E. Moisa

‎05-29-2017 12:51 PM

Sorry Julio. Here is the config. I apolgize for my ignorance. I definitely appreciate your help.


yourname#sh conf
Using 2824 out of 262136 bytes
!
! Last configuration change at 19:18:49 UTC Mon May 29 2017 by admin
! NVRAM config last updated at 19:18:58 UTC Mon May 29 2017 by admin
! NVRAM config last updated at 19:18:58 UTC Mon May 29 2017 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3408197356
 enrollment selfsigned

yourname#sh conf
Using 2824 out of 262136 bytes
!
! Last configuration change at 19:18:49 UTC Mon May 29 2017 by admin
! NVRAM config last updated at 19:18:58 UTC Mon May 29 2017 by admin
! NVRAM config last updated at 19:18:58 UTC Mon May 29 2017 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3408197356
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3408197356
 revocation-check none
 rsakeypair TP-self-signed-3408197356
!
!
crypto pki certificate chain TP-self-signed-3408197356
 certificate self-signed 01 nvram:IOS-Self-Sig#2.cer
ip source-route
!
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool POSPool
 import all
 network 192.168.5.0 255.255.255.0
 dns-server 209.18.47.62
!
!
ip cef
ip domain name yourdomain.com
ip name-server 209.18.47.62
ipv6 unicast-routing
ipv6 cef
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
license udi pid CISCO891-K9 sn FTX170480XF
!
!
username admin privilege 15 secret 4 MR2nmOG5zNvjnsoQEnC0ORGH9OJXUbCmvLXI8ckFRwY
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface FastEthernet4
 no ip address
!
interface FastEthernet5
 no ip address
!
interface FastEthernet6
 no ip address
!
interface FastEthernet7
 no ip address
!
interface FastEthernet8
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0
 ip address 192.168.0.250 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
 ipv6 address autoconfig
 ipv6 enable
 ipv6 dhcp client pd prefix-from-provider
!
interface Vlan1
 description $ETH_LAN$
 ip address 192.168.5.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
!
interface Async1
 no ip address
 encapsulation slip
!
ip default-gateway 192.168.0.1
ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 199 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 192.168.0.1 name INTERNET
!
ip access-list standard POSNET
ip access-list standard PRIVATE-NETS
!
no cdp run
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
line con 0
 login local
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
!
end

0 Helpful

Julio E. Moisa
VIP Alumni
VIP Alumni
In response to Ray

‎05-29-2017 01:18 PM

Hi Ray,

No worries, everything looks fine but the ACL 199 is missing, that is the reason that the computers are not getting Internet access, I suggest change it for a standard ACL

Current config: 

ip nat inside source list 199 interface GigabitEthernet0 overload

Recommended config:

ip access-list standard PRIVATE-NETS
permit ip 192.168.5.0 0.0.0.255

ip nat inside source list  PRIVATE-NETS interface G0/0 overload

About the DHCP scope, you should exclude the gateway.

ip dhcp excluded-address 192.168.5.1 

ip dhcp pool POSPool
 import all
 network 192.168.5.0 255.255.255.0
 default-router 192.168.5.1
 dns-server 209.18.47.62  8.8.8.8  4.2.2.2




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Raja_D
Level 1
Level 1
In response to Ray

‎05-29-2017 11:05 PM

Hi,

Remove ip default-gateway 192.168.0.1 from the configuration as its not required as you have already set the default route pointing towards 192.168.0.1.

ip default-gateway is generally used in those devices that do not support routing or in low end devices or used when you want to disable the routing feature ( no ip routing) from the router and make use of the ip default-gateway command

0 Helpful
Customers Also Viewed These Support Documents