Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
5
Helpful
2
Replies

no Internet connections on Vlan

Go to solution
karthiksam
Level 1
Level 1

‎12-17-2018 09:09 PM

hi im a beginner need help to give internet access to vlan 20,40 and to restrict internet from vlan 10, 30. 

 

 

 

Current configuration : 2148 bytes
!
! Last configuration change at 03:54:57 UTC Tue Dec 18 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.20.0 192.168.20.10
ip dhcp excluded-address 192.168.40.0 192.168.40.10
!
ip dhcp pool vlan20
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8
!
ip dhcp pool vlan40
network 192.168.40.0 255.255.255.0
default-router 192.168.40.1
dns-server 8.8.8.8
!
!
!
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
!
license udi pid CISCO2901/K9 sn FGL211310J6
!
!
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description link to Switch
no ip address
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
ip policy route-map CAP-GRE-TUNNEL
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10 native
ip address 192.168.10.1 255.255.255.0
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
!
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.30.1 255.255.255.0
!
interface GigabitEthernet0/0.40
encapsulation dot1Q 40
ip address 192.168.40.1 255.255.255.0
!
interface GigabitEthernet0/1
description WanIP
ip address 172.17.1.229 255.255.255.0
no ip proxy-arp
ip nat outside
ip virtual-reassembly in max-reassemblies 64
duplex auto
speed auto
!
router rip
version 2
passive-interface GigabitEthernet0/0
network 192.168.0.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
!
!
access-list 1 permit 192.168.10.0 0.0.0.255
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input none
!
scheduler allocate 20000 1000
!
end

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
johnlloyd_13
Level 9
Level 9

‎12-18-2018 12:18 AM

hi,

try enabling 'NAT inside' on the VLAN 20 and VLAN 40 sub-interfaces and re-configure NAT as follows:

 

interface GigabitEthernet0/0.20
 ip nat inside

interface GigabitEthernet0/0.40
 ip nat inside

no ip nat inside source list 1 interface GigabitEthernet0/0 overload
no access-list 1 permit 192.168.10.0 0.0.0.255

access-list 1 permit 192.168.0.0 0.0.255.255
ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 <ISP HOP>

View solution in original post

2 Replies 2

Go to solution
johnlloyd_13
Level 9
Level 9

‎12-18-2018 12:18 AM

hi,

try enabling 'NAT inside' on the VLAN 20 and VLAN 40 sub-interfaces and re-configure NAT as follows:

 

interface GigabitEthernet0/0.20
 ip nat inside

interface GigabitEthernet0/0.40
 ip nat inside

no ip nat inside source list 1 interface GigabitEthernet0/0 overload
no access-list 1 permit 192.168.10.0 0.0.0.255

access-list 1 permit 192.168.0.0 0.0.255.255
ip nat inside source list 1 interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 <ISP HOP>

Go to solution
karthiksam
Level 1
Level 1
In response to johnlloyd_13

‎12-19-2018 01:27 AM

Sorry for the lte reply.... thank john

0 Helpful
Customers Also Viewed These Support Documents