Solved: Re: Router 1 has internet access but PC and router 2 do not. Devices can ping each other locally.

danwilko16 · ‎07-20-2020

Hi, I have internet access with my router.

FE 0/1 is WAN port setup for PPPOE

FE 0/0 is standard port.

Network setup - VDSL modem -- router 1 (1841) switch(2960) -- PC.

Router 2 which can also ping the main router 192.168.1.1

Summary Router 2 and PC do not have internet access while only router 1 does. Which is directly connected to a VDSL modem with PPPOE setup.

Current configuration : 1367 bytes
! Last configuration change at 14:39:54 UTC Mon Jul 20 2020
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
no aaa new-model
ip source-route
!
ip dhcp pool 1
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 1.1.1.1 8.8.8.8 1.0.0.1
!
ip cef
multilink bundle-name authenticated
!
license udi pid CISCO1841 sn FCZ1043723T
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
interface Dialer1
mtu 1492
ip address negotiated
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname ---removed for security purposes---
ppp chap password ---removed for security purposes---
!
ip forward-protocol nd
!
no ip http server
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 permit any
access-list 2 permit 192.168.1.0 0.0.0.255
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
end

Georg Pauwen · ‎07-21-2020

Hello,

on router 1, add the line marked in bold:

interface Dialer1
mtu 1492
ip address negotiated

--> ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname
ppp chap password

How is Router 2 connected to Router 1 ?

View solution in original post

Giuseppe Larosa · ‎07-20-2020

Hello @danwilko16 ,

a) I would use ACL 2 for global nat statement

no ip nat inside source list 1 interface Dialer1 overload

ip nat inside source list 2 interface Dialer1 overload

b)

Router 2 and the pc needs to point to the LAN interface of router 1

Router 2:

ip route 0.0.0.0 0.0.0.0 192.168.1.1

PC : def gw = 192.168.1.1 DNS = 192.168.1.1

they need it to be sure they send traffic to router 1 LAN when attempting to go to the internet

You can use

show ip nat translation

on router2 to check NAT

Hope to help

Giuseppe

danwilko16 · ‎07-21-2020

When i use the command show ip nat translation this shows nothing on router 1 and router 2. Router 1s updated file is below. also when i do a traceroute on router 2 it goes to the DG of 192.168.1.1 then just ends it cant get off the DGW .

1

S* 0.0.0.0/0 [1/0] via 192.168.1.1

This is the only route i have in router 2 with its one interface that uses DHCP with an ip address of 192.168.1.2

---

hostname Router 1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
ip source-route
!
ip dhcp pool 1
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 192.168.1.1
!
ip cef
no ip domain lookup
multilink bundle-name authenticated
!
license udi pid CISCO1841 sn FCZ1043723T
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
interface Dialer1
mtu 1492
ip address negotiated
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname
ppp chap password
!
ip forward-protocol nd
!
no ip http server
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 permit 192.168.1.0 0.0.0.255

Georg Pauwen · ‎07-21-2020

Hello,

on router 1, add the line marked in bold:

interface Dialer1
mtu 1492
ip address negotiated

--> ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
ppp chap hostname
ppp chap password

How is Router 2 connected to Router 1 ?

danwilko16 · ‎07-21-2020

Awesome! That has solved the issue, this was the first time i've set up hardware.

Georg Pauwen · ‎07-21-2020

What about Router 2, is that working now as well ?

danwilko16 · ‎07-22-2020

Yes it is. It looks like the command was on the wrong interface.

balaji.bandi · ‎07-20-2020

High level looks good

try below commands and let me know :

no access-list 1 permit any
no access-list 2 permit 192.168.1.0 0.0.0.255

access-list 1 permit ip 192.168.1.0 0.0.0.255 any

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎07-20-2020

Hello,

how is Router 2 connected to your network ? Post a schematic drawing of your topology, as well as the configuration of Router 2.