Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
389
Views
5
Helpful
2
Replies

Need Help with Configuration Cisco 2901/ Ping is working from the router but i don't have internet. Help!!!

Go to solution
aw1998
Level 1
Level 1

‎03-08-2018 09:59 AM - edited ‎03-05-2019 10:03 AM

Building configuration...

Current configuration : 7230 bytes
!
! Last configuration change at 16:00:00 UTC Wed Mar 7 2018 by admin
!
version 15.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname BlueICTRT001
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 $1$38yR$MRnillVQEV1xUeX0vEibE0
!
no aaa new-model
memory-size iomem 20
!
!
!
!
!
!
!
!
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.5.1
!
ip dhcp pool ccp-pool
import all
network 192.168.5.0 255.255.255.0
default-router 192.168.5.1
dns-server 192.168.5.201
lease 0 2
!
!
!
ip domain name BlueICT.local
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-2535799700
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2535799700
revocation-check none
rsakeypair TP-self-signed-2535799700
!
!
crypto pki certificate chain TP-self-signed-2535799700
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32353335 37393937 3030301E 170D3137 31313131 31353531
31335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 35333537
39393730 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BC9C 76FD5821 FB2DB643 22B16512 1D3D6811 27A1296A 457D812B 101EFF3B
95FEDD8A 398002B0 D435ECDB EB439D99 02798D29 0ECC52DD 952815B7 F5DC81D7
55F9A057 B07720FA 399D56A6 73FE7377 3045A059 832DFD45 2AF6767B 88116100
A0D5D8CD 27E01E98 66224732 7E359B93 D6CE7567 CFE67E34 101AC9CA 10BDCA0C
32C10203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 149A8DA5 27153D6D B2AAB7E9 FFEF21A6 0C7FF587 DD301D06
03551D0E 04160414 9A8DA527 153D6DB2 AAB7E9FF EF21A60C 7FF587DD 300D0609
2A864886 F70D0101 05050003 81810067 924489CA 50FC96B6 C8D0EE73 75CBEABD
6504AE44 8442CC70 34F4755D EFDB360C 2035641E 19C4D44D 3F06B6BD 62055A02
B79CEA3E 7B0EACCA 2713B5DF 829A9EAD B0B7E729 53A63429 EDC664C8 98CA54D9
72F4A8B5 05069E7F 59992D5D 4E86F749 352448FA C05B04E7 B10921C0 753F1102
7AB0EC09 11F9078A 763A4F1B 923901
quit
license udi pid CISCO2901/K9 sn FGL214582KX
!
!
archive
log config
hidekeys
object-group network RFC1918
10.0.0.0 255.0.0.0
172.16.0.0 255.240.0.0
192.168.0.0 255.255.0.0
!
object-group network RoutIT_SBC
89.146.63.24 255.255.255.248
172.31.161.248 255.255.255.248
89.146.63.248 255.255.255.248
145.131.159.56 255.255.255.248
89.146.63.152 255.255.255.248
145.131.159.48 255.255.255.248
89.146.63.240 255.255.255.248
89.146.63.16 255.255.255.248
89.146.63.40 255.255.255.248
!
username admin privilege 15 secret 5 $1$Hflb$L58qGA2HXUTwBOij8aRrG0
!
redundancy
!
!
!
class-map match-all EF
match dscp ef
class-map match-all AF11
match dscp af11
!
policy-map QoS
class EF
priority percent 60
class AF11
bandwidth 50
class class-default
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
!
interface GigabitEthernet0/0
description $ES_WAN$$FW_ZIGGO$
mac-address 001d.aa5a.d0f1
no ip dhcp client request tftp-server-address
ip address 217.105.132.143 255.255.254.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
ip verify unicast source reachable-via rx allow-default 100
no ip route-cache
ip tcp adjust-mss 1452
duplex auto
speed auto
service-policy output QoS
!
interface GigabitEthernet0/1
description $ETH_LAN$$FW_INSIDE$
ip address 192.168.5.1 255.255.255.0
ip access-group phantom_filter out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
no ip route-cache
ip tcp adjust-mss 1452
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface Virtual-Template1
ip address dhcp
ip nat outside
ip virtual-reassembly in
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
no ip nat service sip udp port 5060
ip nat pool ip 217.105.132.143 217.105.132.143 prefix-length 21
ip nat inside source static tcp 192.168.5.202 3389 interface GigabitEthernet0/0 3389
ip nat inside source route-map nonat interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 217.105.132.1
!
ip access-list extended phantom_filter
permit udp object-group RoutIT_SBC object-group RFC1918 range 5060 5062
permit tcp object-group RoutIT_SBC object-group RFC1918 range 5060 5062
deny udp any any range 5060 5062
deny tcp any any range 5060 5062
permit ip any any
!
!
!
access-list 1 permit 192.168.5.0 0.0.0.255
access-list 23 permit 192.168.5.0 0.0.0.255
!
control-plane
!
^C
banner login ^CCC
+--------------------------------------------------------------------+
| WARNING |
| ------- |
| This system is solely for the use of authorized users for official |
| purposes. You have no expectation of privacy in its use and to |
| ensure that the system is functioning properly, individuals using |
| this computer system are subject to having all of their activities |
| monitored and recorded by system personnel. Use of this system |
| evidences an express consent to such monitoring and agreement that |
| if such monitoring reveals evidence of possible abuse or criminal |
| activity, system personnel may provide the results of such |
| monitoring to appropriate officials. |
+--------------------------------------------------------------------+
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input all
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP

‎03-08-2018 11:14 AM

Hello,

 

you need to add:

 

ip nat inside source list 1 pool ip
access-list 1 permit 192.168.5.0 0.0.0.255

 

or

 

ip nat inside source list 1 interface GigabitEthernet0/0 overload

 

to your configuration.

View solution in original post

2 Replies 2

Go to solution
Georg Pauwen
VIP
VIP

‎03-08-2018 11:14 AM

Hello,

 

you need to add:

 

ip nat inside source list 1 pool ip
access-list 1 permit 192.168.5.0 0.0.0.255

 

or

 

ip nat inside source list 1 interface GigabitEthernet0/0 overload

 

to your configuration.

Go to solution
aw1998
Level 1
Level 1
In response to Georg Pauwen

‎03-09-2018 01:07 AM

Thank you for the feedback. 

Armand

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card