Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
377
Views
0
Helpful
2
Replies

Internet Access Problem

tsgurjar
Level 1
Level 1

‎10-05-2021 02:35 AM

I have connected my CISCO 1921 Router as show in diagram and configure it , but I could not get internet access in my LAN 10.60.100.0/23 , the configuration are as

Network Dia.png

DSLAMJP#show config

Using 1738 out of 262136 bytes

!

! Last configuration change at 08:03:08 UTC Tue Oct 5 2021

!

version 15.8

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname DSLAMJP

!

boot-start-marker

boot-end-marker

!

!

enable password xxxxxx

!

no aaa new-model

!

!

!

!

!

!

!

!

!

ip dhcp excluded-address 10.60.100.1 10.60.100.10

!

ip dhcp pool LAN

network 10.60.100.0 255.255.254.0

default-router 10.60.100.1

dns-server 203.153.41.28 203.153.44.44

!

!

!

no ip domain lookup

ip cef

no ipv6 cef

multilink bundle-name authenticated

!

!

crypto pki trustpoint TP-self-signed-3873411360

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3873411360

revocation-check none

rsakeypair TP-self-signed-3873411360

!

!

crypto pki certificate chain TP-self-signed-3873411360

certificate self-signed 01 nvram:IOS-Self-Sig#3.cer

license udi pid CISCO1921/K9 sn FGL190321FA

!

!

!

redundancy

!

!

!

!

!

!

interface Loopback0

no ip address

!

interface Loopback1

no ip address

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

ip address 10.255.241.26 255.255.255.252

description WAN

ip nat outside

ip virtual-reassembly in

duplex full

speed auto

!

interface GigabitEthernet0/1

description LAN

ip address 10.60.100.1 255.255.254.0

ip nat inside

ip virtual-reassembly in

duplex full

speed auto

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

Ip nat inside source list 99 interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0  10.255.241.25

!

!

access-list 99 permit any

!

control-plane

!

!

line con 0

line aux 0

line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password xxxxxx
login
transport input telnet
!
scheduler allocate 20000 1000
!
end

DSLAMJP#

 

Please help in this matter

Labels:
0 Helpful
2 Replies 2

pman
Spotlight
Spotlight

‎10-05-2021 10:27 PM - edited ‎10-05-2021 11:09 PM

Hi,

Have you checked that there is no routing problem?
Have you checked ping from address 10.255.241.26 to the internet?

Is there another router in the topology described where NAT is configured?

about the NAT

Cisco highly recommends that you do not configure access lists referenced by NAT commands with permit any. Using permit any can result in NAT consuming too many router resources which can cause network problems.


no access-list 99 permit any

access-list 99 permit 10.60.100.0 0.0.1.255

0 Helpful

Georg Pauwen
VIP
VIP

‎10-05-2021 11:31 PM

Hello,

 

in addition to what @pman said, what is the router in the middle, the one with  IP address 10.255.241.25, doing ? That router needs to NAT as well, can you post the config of this device as well ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card