Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
968
Views
0
Helpful
6
Replies

ROAS Issue

Go to solution
jnewton83985
Level 1
Level 1

‎02-22-2023 05:42 PM - last edited on ‎02-28-2023 02:03 AM by Community Manager

Running into an issue that I cannot figure out and looking for help. 

Cable modem (bridge mode) -> 1921 router -> 3750 switch -> computers

No devices can ping the

default gateway:10.5.104.1

The router config was built by another tech but worked at this location at one time which puzzles me as

10.5.104.1

is not anywhere in the config.  

  • Is it normal for the inside interface of a router to have no IP address?
  • I can only get this to work in CML by creating 
    gi0/1.10 and placing 10.5.104.1
    on this interface, then the desktop can ping the 
    default gateway
Switch config

spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
interface GigabitEthernet1/0/16
switchport access vlan 10
switchport mode access
switchport port-security maximum 2
switchport port-security mac-address sticky
speed 1000
storm-control broadcast level bps 10m
storm-control multicast level bps 10m
storm-control action shutdown
storm-control action trap
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/19
description AUTONOMOUS AP
switchport trunk encapsulation dot1q
switchport trunk native vlan 10
switchport trunk allowed vlan 2,5,10
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet1/0/43
switchport access vlan 5
switchport mode access
switchport port-security maximum 2
switchport port-security mac-address sticky
storm-control broadcast level bps 10m
storm-control multicast level bps 10m
storm-control action shutdown
storm-control action trap
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/46
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan2
ip address 10.2.104.6 255.255.255.0
ip helper-address 10.5.104.2
!
interface Vlan5
ip address 10.5.104.76 255.255.255.248
!
interface Vlan10
ip address 10.5.104.6 255.255.255.192
!
interface Vlan199
ip address 10.199.1.116 255.255.255.0
!
ip default-gateway 10.5.104.73




Router config

no ipv6 cef
no ip source-route
ip cef
!
interface Loopback2
ip address 10.5.104.240 255.255.255.255
!
interface GigabitEthernet0/0
ip address PUBLIC IP ADDRESS
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
no ip address
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1.5
description Outside_MGMT
encapsulation dot1Q 5
ip address 10.5.104.73 255.255.255.248
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/1.7
encapsulation dot1Q 7
ip address 10.5.104.65 255.255.255.248
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/1.8
description Guest Wireless
encapsulation dot1Q 2
ip address 10.2.104.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 103 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 10.5.104.1

 

Thank you for your help.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP

‎02-25-2023 02:23 AM - last edited on ‎02-28-2023 02:23 AM by Community Manager

Hello
You have quite a few mistakes in this configuration
- As the the router is performing the intervlan routing then you don't need any L3 addressing on the switch
- Missing l3 addressing on the router for vlan 10,199
- The router is performing NAT calling an

access-list

that is none existent 
- Your default route is pointing to an interface ip residing on the switch

router
no ip route 0.0.0.0 0.0.0.0 10.5.104.1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 <public ip next hop>
or
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp

interface GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 10.5.104.6 255.255.255.192
ip nat inside

interface GigabitEthernet0/1.199
encapsulation dot1Q 199
ip address 10.199.1.116 255.255.255.0
ip nat inside

access-list 103 permit ip 10.5.104.72 0.0.0.7 any
access-list 103 permit ip 10.5.104.64 0.0.0.7 any
access-list 103 permit ip 10.5.104.0 0.0.0.63 any
access-list 103 permit ip 10.2.104.0 0.0.0.255 any
access-list 103 permit ip 10.199.1.0 0.0.0.255 any



switch
config t
no interface Vlan2
no interface Vlan5
no interface Vlan10
no interface Vlan199
no ip routing
vlan 2,5,7,10,199

int vlan 5
ip address 10.5.104.74 255.255.255.248

 Edited- forgot to mention the port on the switch that connects to router needs to be a trunk port


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

0 Helpful
6 Replies 6

Go to solution
luis_cordova
VIP Alumni
VIP Alumni

‎02-22-2023 06:45 PM - last edited on ‎02-28-2023 02:07 AM by Community Manager

Hello

IP 10.5.104.1

can be assumed to be located on the cable modem.
This can be deduced by the next hop IP of the configured default route.

ip nat inside source list 103 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 10.5.104.1

The ping to that IP will not be successful because the cable modem should not have a route configured for internal routes, the ones behind the router.

When you use RoaS, it is normal that the physical interface does not have an IP configured, since the addressing is housed in the sub interfaces.

Regards

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎02-22-2023 10:47 PM - last edited on ‎02-28-2023 02:19 AM by Community Manager

No devices can ping the

default gateway:10.5.104.1

The router config was built by another tech but worked at this location at one time which

puzzles me as 10.5.104.1

is not anywhere in the config.   << - this means this was not working ? or is this working still ?

  • Is it normal for the inside interface of a router to have no IP address?   - yes that is ok since your are using dot1q tagging with VLAN 

There are lot of tweaks required in the config: example :

ip address PUBLIC IP ADDRESS  (is this fixed IP address ?)  and is this from same range 10.5.104.X ?

you have NAT statement but we did not see Access-list 103 content ?

ip nat inside source list 103 interface GigabitEthernet0/0 overload


you have 10.2.X and 10.5.X public IP address is this allocated by ISP to you ?

Not sure why you need Loopback interface here ?

You have VLAN tagged 5 7 8, but on the switch we see only VLAN 5 ? ( do you need rest of the VLAN ?)

SWITCH :

If the switch act as Layer 2, you can use

default gateway.

if the switch looks to the Routing function, you need to enable IP routing and change from

default gateway

to, IP route x.x.x.x statement.

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
jnewton83985
Level 1
Level 1
In response to balaji.bandi

‎02-23-2023 03:48 AM - last edited on ‎02-28-2023 02:20 AM by Community Manager

The outside router interface is using a static public IP to talk to the modem, it is not using

10.5.104.1

I removed the IP when sharing the config.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to jnewton83985

‎02-24-2023 06:07 PM

ok what is the issue now ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
paul driver
VIP
VIP

‎02-25-2023 02:23 AM - last edited on ‎02-28-2023 02:23 AM by Community Manager

Hello
You have quite a few mistakes in this configuration
- As the the router is performing the intervlan routing then you don't need any L3 addressing on the switch
- Missing l3 addressing on the router for vlan 10,199
- The router is performing NAT calling an

access-list

that is none existent 
- Your default route is pointing to an interface ip residing on the switch

router
no ip route 0.0.0.0 0.0.0.0 10.5.104.1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 <public ip next hop>
or
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp

interface GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 10.5.104.6 255.255.255.192
ip nat inside

interface GigabitEthernet0/1.199
encapsulation dot1Q 199
ip address 10.199.1.116 255.255.255.0
ip nat inside

access-list 103 permit ip 10.5.104.72 0.0.0.7 any
access-list 103 permit ip 10.5.104.64 0.0.0.7 any
access-list 103 permit ip 10.5.104.0 0.0.0.63 any
access-list 103 permit ip 10.2.104.0 0.0.0.255 any
access-list 103 permit ip 10.199.1.0 0.0.0.255 any



switch
config t
no interface Vlan2
no interface Vlan5
no interface Vlan10
no interface Vlan199
no ip routing
vlan 2,5,7,10,199

int vlan 5
ip address 10.5.104.74 255.255.255.248

 Edited- forgot to mention the port on the switch that connects to router needs to be a trunk port


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
jnewton83985
Level 1
Level 1
In response to paul driver

‎02-25-2023 06:46 AM

Thanks for your reply Paul. I have already fixed this issue however I was just looking for confirmation that this config would not work as another tech built this and I wanted to make sure I didn’t miss anything. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card