Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7272
Views
1
Helpful
12
Replies

I need help with the basic configuration on my cisco 892-k9 router

Go to solution
brianwbyrd
Level 1
Level 1

‎12-08-2015 02:25 PM - edited ‎03-05-2019 02:53 AM

I am not a network engineer and this is the first Cisco router that I have purchased. I found it on Amazon for a really good price and bought it. I plugged it in and realized that none of the ports were active, except for the WAN ports. The version that I have has two WAN ports and the following LAN ports: 1 Gb port and seven 100 Mb ports. The router is capable of running multiple VLAN's as well as POE. But I am going to use this as a home router with two WIFI routers hardwired into the router. One for the first floor and one for the third floor.

My goal is to set up one vlan using the 1 Gb WAN port with all of the LAN ports and reasonable settings on the firewall to keep out the riff raf. I may want to open an ssh port and possibly a http/https proxy that would allow me to use my home network for internet remotely. But mostly I just want the basic setup for now.

I happen to have a DEC VT340 with the proper serial cable that I can use to connect my terminal to the console. So I have console using the VT340. I spent most of Sunday working on trying to get a basic setup and managed to create a VLAN, called VLAN0, with all of the ports, but I can't get the VLAN to start and turn on the LAN ports. I also want the router to provide DHCP. Any help with doing the basic configuration would be great. I can reset the router to default if that would be easier.

Ultimately I want to get this thing working before my wife makes me send it back.

Thanks in advance.

Brian

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to brianwbyrd

‎12-11-2015 04:24 AM

Is the router connected to one of the FastEthernet ports or to Gi0 ?

Something is connected to Fa7 and leased an address.

What port is your PC connected to? The port config looks good and the DHCP is clearly functioning...

View solution in original post

0 Helpful
12 Replies 12

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎12-08-2015 11:57 PM

Hi Brian,

Can you provide the current running configuration so we can see how far you've got?

If you console onto it, enter exec mode and type 'terminal length 0', it should blurt out all the config in one go.

cheers,

Seb.

0 Helpful

Go to solution
brianwbyrd
Level 1
Level 1
In response to Seb Rupik

‎12-09-2015 05:40 AM

Thanks for letting me know how to get all of the output. I can run "sh run" and get the configuration. Unfortunately because I am using a stand alone terminal I can't capture the output. The interfaces are there but each on has no ip address, shutdown, no cdp enable. I can probably use my laptop for the terminal if I get a male DB9 to male DB9 connector. I was mostly looking for is a high level list of tasks I need to do and a good guide on how to do them. I might be close, but I have no idea. Thanks.

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to brianwbyrd

‎12-09-2015 06:02 AM

OK, I've made some assumptions about interfaces names WAN (gi0) LAN (fa0/0-7). Also I don't like the idea of using VLAN1 for user traffic and I like VLAN0 even less, so I've created VLAN 10 for your LAN users.

Try the following:

!
int vlan 10
 name inside
 ip address 10.10.10.254 255.255.255.0
 ip nat inside
 ip nat enable
!
ip dhcp excluded-address 10.10.10.254
!
ip dhcp pool dhcp_inside
 network 10.10.10.0 255.255.255.0
 dns-server 8.8.8.8
 default-router 10.10.10.254
!
int gi0
 desc WAN port
 ip address dhcp
 ip nat outside
 ip nat enable
!
int range fa0/0-7
 switchport access vlan 10
 no shut
!
ip nat inside source list 10 interface gi0 overload
ip route 0.0.0.0 0.0.0.0 gi0
!
access-list 10 permit 10.10.10.0 0.0.0.255
!

cheers,

Seb.

0 Helpful

Go to solution
brianwbyrd
Level 1
Level 1
In response to Seb Rupik

‎12-10-2015 12:40 PM

Hi Seb,

I followed your directions. However when I tried doing "name inside" I got an error that the name command was unknown and at the end the internal ports still don't have IP addresses, but I was able to connect my laptop to a port. I just can't do anything with the port since the port I am connecting to doesn't have an IP address.

What is the command that I am missing that assigns the DHCP pool to VLAN 10? Also why does it matter if I call it VLAN0, VLAN1 or VLAN10? Just curious.

Thanks.

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to brianwbyrd

‎12-10-2015 01:23 PM

Argh, that is ASA config and a typo to boot!, ignore that line!

The DHCP pool command listed above has a network statement which matches the VLAN10 subnet ID, thereby enabling DHCP on that VLAN.

What is the output on the commands:

sh ip int br
sh int status
sh ip dhcp pool

It is Cisco security best practice to not use VLAN1, it is used for control traffic which you do not want to expose to user devices.

cheers,

Seb.

0 Helpful

Go to solution
brianwbyrd
Level 1
Level 1
In response to Seb Rupik

‎12-10-2015 03:25 PM

Here are the screen shots. Thanks.

Preview file
83 KB
Preview file
94 KB
Preview file
83 KB
0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to brianwbyrd

‎12-11-2015 12:08 AM

Hi,

The first screenshot shows that the Layer3 VLAN 10 interface has not been created. The second one shows us you have all the switchports on the correct Layer2 VLAN.

Oddly the third shows the DHCP pool we created 'dhcp_inside' but with a with a range we didn't specify.

Can you try punching in the following commands again and let me know if it complains:

!
int vlan 10
 ip address 10.10.10.254 255.255.255.0
 ip nat enable
 ip nat inside
!
ip dhcp excluded-address 10.10.10.254
!
ip dhcp pool dhcp_inside
 network 10.10.10.0 255.255.255.0
 dns-server 8.8.8.8
 default-router 10.10.10.254
!

cheers,

Seb.

0 Helpful

Go to solution
brianwbyrd
Level 1
Level 1
In response to Seb Rupik

‎12-11-2015 02:41 AM

I was trying to use subnet 192.168.67.*. But I reset the router to the default and reentered the manual configuration that you have above. It looks like I am close, but I am still not getting an IP address when I connect an ethernet cable.

Preview file
88 KB
Preview file
93 KB
Preview file
83 KB
Preview file
82 KB
0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to brianwbyrd

‎12-11-2015 02:51 AM

Looks promising. The last screenshot shows one lease, what is the output of:

sh ip dhcp binding

...do you recognise the MAC address?

Try:

sh mac-address-table

0 Helpful

Go to solution
brianwbyrd
Level 1
Level 1
In response to Seb Rupik

‎12-11-2015 03:12 AM

I have one of the WAN ports connected to another router. Here is the output from the above commands. Thanks.

Preview file
95 KB
0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to brianwbyrd

‎12-11-2015 04:24 AM

Is the router connected to one of the FastEthernet ports or to Gi0 ?

Something is connected to Fa7 and leased an address.

What port is your PC connected to? The port config looks good and the DHCP is clearly functioning...

0 Helpful

Go to solution
brianwbyrd
Level 1
Level 1
In response to Seb Rupik

‎12-14-2015 10:50 AM

Sorry I accidentally hit correct answer. I still can't assign an IP address to an internal port. While I am trying to configure the router I have my WIFI plugged into the Gigabit Wan port and my laptop plugged into FE7.

In some posts I see people leaving switch port on, in others people turn it off. There should be a straightforward document that describes building a basic configuration for one sub net with a firewall. If I could find the exact configuration commands, reset the router to default and just type in the commands that would be easier. 

Customers Also Viewed These Support Documents