cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4150
Views
0
Helpful
10
Replies

LAN not communicating with WAN

andylee1892
Level 1
Level 1

Hi all,

Writing my first router config from scratch for an 1801.  I have wireless devices able to connect & authenticate with WPA.  Wired devices can talk with wireless devices & on both interfaces devices obtain a DHCP lease.  I can ping web based resources from the FA0 interface; the problem is, LAN devices can't ping has FA0.  I'm pretty sure (well a hunch) that this is going to be down to NAT

Have I gone completely wrong with this?

Thanks for any help

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Router0

!

boot-start-marker

boot-end-marker

!

enable secret xxxxxxxxx

!

no aaa new-model

!

!

dot11 syslog

!

dot11 ssid TEST_NETWORK

   authentication open

   authentication key-management wpa

   guest-mode

   wpa-psk ascii xxxxxxxxx

!

!

!

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.1.1 192.168.1.99

ip dhcp excluded-address 192.168.1.126 192.168.1.254

!

ip dhcp pool Client-Pool

   import all

   network 192.168.1.0 255.255.255.0

   domain-name domain.com

   dns-server 192.168.1.1 8.8.8.8

   default-router 192.168.1.1

!

!

ip domain name domain.com

ip name-server 192.168.1.1

ip name-server 8.8.8.8

ip name-server 4.2.2.2

ip name-server 208.67.220.220

ip name-server 208.67.222.222

!

multilink bundle-name authenticated

!

!

username xxxxxxxxx privilege 15 password xxxxxxxxx

!

!

archive

log config

  hidekeys

!

!

bridge irb

!

!

!

interface FastEthernet0

ip address dhcp

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface BRI0

no ip address

encapsulation hdlc

shutdown

!

interface FastEthernet1

description test

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

!

interface FastEthernet5

!

interface FastEthernet6

!

interface FastEthernet7

!

interface FastEthernet8

!

interface Dot11Radio0

no ip address

!

encryption mode ciphers tkip

!

ssid TEST_NETWORK

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Dot11Radio1

no ip address

!

encryption mode ciphers tkip

!

ssid TEST_NETWORK

!

speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

dsl operating-mode auto

!

interface Vlan1

no ip address

ip nat inside

ip virtual-reassembly

bridge-group 1

!

interface BVI1

description $ES_LAN$

ip address 192.168.1.1 255.255.255.0

!

ip forward-protocol nd

!

!

ip http server

ip http port 2002

no ip http secure-server

ip nat pool NAT_POOL 192.168.1.0 192.168.2.0 netmask 0.0.0.255

ip nat inside source list 1 interface FastEthernet0 overload

!

access-list 1 permit 192.168.1.0 0.0.0.255

!

!

!

!

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

line con 0

line aux 0

line vty 0 4

!

2 Accepted Solutions

Accepted Solutions

Hi,

yes indeed if it is cable modem then no need for DSL module

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

Hi,

int vlan 1

no ip nat inside

int bvi1

ip nat inside

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

10 Replies 10

Pawan Sharma
Level 1
Level 1

I think command 'IP ROUTING' should solve the purpose.

Regards,

Pawan Sharma

http://www.ebrahma.com

Regards,
Pawan Sharma
https://itgears.io

Thanks Pawan

I issued this command at global config mode however it hasn't made a difference

andylee1892
Level 1
Level 1

OK, I have previously been going through the config guide here

When issuing the command "vpdn enable" I am not put into the mode Hostname(config-vpdn)# as the instructions state I should be; "vpdn enable" has no visible effect and leaves me at the global configuration mode.  I therefore can't follow the rest of the commands and can't set up the virtual dialup private network.  With a bit of experimentation, I can enter the following:

I enter::            Hostname(config)#vpdn-group 1

Guide says::     Hostname(config-vpdn)# vpdn group 1

I enter::            Hostname(config-vpdn)#request-dialin

Guide Says::    Hostname(config-vpdn-grp)# request-dialin

These are the only commands I can enter that bear any resemblance to the guide; however the commands differ slightly and are at different modes.  The guide also has Hostname(config-vpdn-grp)# initiate to 192.168.1.1 which I simply can't enter.

Does anyone know the correct syntax, whether or not I actually need to configure this to achieve my aim & also why the guide for the 1800 series router contains commands I can't enter at the CLI ???

Scratch the above... the first line of this section in the guide reads "The Cisco 1811 and Cisco 1812 integrated services  fixed-configuration routers support Point-to-Point Protocol over  Ethernet (PPPoE) clients and network address translation (NAT). "

As I have an 1801 these commands obviously won't work!! Now i'm really stumped - the guide for the 1801 shows WAN configuration using the ATM interface & DSL

Hi,

You'll need this: http://www.cisco.com/en/US/prod/collateral/routers/ps221/product_data_sheet0900aecd8028aa5a_ps5853_Products_Data_Sheet.html

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Thanks cadet alain, but I don't have a DSL, I am connecting to a cable modem via the FA0 port on my 1801!

As per the OP, I can ping www.google.com from the router - so my cable modem is assigning an IP address and I have connectivity at the WAN.  LAN devices talk to each other (wired & wireless) the problem is with the LAN talking to the WAN.  I just don't know how to get traffic from the LAN to the WAN and back again   I may be wrong, but I don't this an ADSL module would rectify this

Hi,

yes indeed if it is cable modem then no need for DSL module

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

OK, cheers CA.  Any ideas where I'm going wrong with the config

Hi,

int vlan 1

no ip nat inside

int bvi1

ip nat inside

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Sorry it has taken so long to get back, I have been away.

Cadet Alain, your answer worked a treat, thanks very much

Review Cisco Networking for a $25 gift card