Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
468
Views
0
Helpful
1
Replies

Router can ping the Internet but LAN interfaces cannot

Michael Schubert
Level 1
Level 1

‎06-21-2020 11:17 PM - edited ‎06-21-2020 11:18 PM

I think I must be missing something simple. I'm working in a test lab trying to get something going and my Cisco router is dropping all traffic to the Internet. When I console into the router I am able to ping 4.2.2.2, but when I connect anything to the other interfaces I cannot get to the Internet from those devices. I am able to ping the router's interface IP addresses which I set as my gateway on my computers. Am I missing something simple in the config?

 

show run
Building configuration...

Current configuration : 1321 bytes
!
! Last configuration change at 06:16:27 UTC Mon Jun 22 2020
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 15
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2911/K9 sn FGL
license boot module c2900 technology-package uck9
license boot module c2900 technology-package datak9
hw-module pvdm 0/0
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address xxxxxxx 255.255.255.248
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.10
description Lab WAN
encapsulation dot1Q 10 native
ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet0/1.945
description Lab MPLS
encapsulation dot1Q 945
ip address 10.199.15.1 255.255.255.252
!
interface GigabitEthernet0/2
description Austin Lab
ip address 172.17.3.1 255.255.255.0
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 xxxxxx
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
end

Router#

Labels:
0 Helpful
1 Reply 1

Meheretab Mengistu
Level 7
Level 7

‎06-22-2020 12:07 PM

Hi Michael,

 

You missed NAT configuration. Since the IP addresses on Gig0/1 & Gig0/2 are from private IP address range (which are not allowed on the internet), you will need to configure NAT.

 

For example,

 

int gig0/0

 ip nat outside

int gig0/1.10

 ip nat inside

int gig0/1.945

 ip nat inside

int gig0/2

 ip nat inside

!

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 1 permit 10.199.15.0 0.0.0.3

access-list 1 permit 172.17.3.0 0.0.0.255

ip nat inside source list 1 interface gig0/0 overload

 

 

HTH,
Meheretab
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card