cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1532
Views
0
Helpful
24
Replies
christopherwms
Beginner

Routing through switch

I'm unable to connect to the internet and despretly need help.

My university gave us student permission toset up a cisco lab.

I hve an 1841 router and a 2950 catalyst switch in a single room.

Fa0/1 is conncted to the switch using a 192.168.3.0 /24 network.

DHCP is correctly assaigning ip addresses to the switch.

I connected the Fa0/0 port to the wall and used the following command to obtain an ip on the Fa0/0 port: ip adress dhcp.

I used the following route command: ip route dhcp.

That didn't work so I used the ip route 0.0.0.0 0.0.0.0 Fa0/0.

When I run the sh cdp neighbors command I see a multilayer switch that show me connected to the Ga2/26 port with ip:192.168.179.254.

I also see that the default vlan is 200 and the voice vlan is 800.

A linksys router is about to let us access the internet.

I am able to ping the 192.168.179.254 address from the 1841 router.

What am I missing to connect to the internet.

I forgot to mention that I successfully receive an ip from the wall.  The latest ip I received was 192.168.179.100 /24.

If someone will tell me how to make a topology diagram, I will gladly post it.

Thanks in advance

24 REPLIES 24
manish arora
Frequent Contributor

Hi,

What you are missing here is NAT or better said dynamic pat for the subnet that you assigned to the inside interface of 1800 series router. The reason you need to nat these ip's is because the network your connecting your router have no idea of where is the route for that network.

So, search for setting up Nat overload and do that.

Manish

Sent from Cisco Technical Support iPhone App

Thanks for that input.  That makes a lot of sense.

I tried configuring NAT and PAT using the SDM.

From what I have seen on the internet SDM isn't very good about delivering all commands to a router.

Here is my next plan, please let me know if you agree:

1)Reset router to default settings

2)Re-enter same config for interfaces

3)enter the following commands for nat:

ip nat pool testPool

192.168.3.1 192.168.3.48 netmask 255.255.255.0

ip nat inside source list 1 pool testPool

int fa0/0

ip nat outside

int fa0/1

ip nat inside

Thanks again

Hi,

For the nat I would do this:

ip nat inside source list 1 interface f0/0

access-list 1  permit 192.168.1.0   where 192.168.1.0 is your LAN subnet

int f0/1 ---->  LAN interface

ip nat inside

int f0/0 ----> WAN interface

ip nat outside

Regards.

Alain.

Don't forget to rate helpful posts.

Agree with Alain on everything but I think it will be :-

ip nat inside source list 1 interface f0/0 overload

in one of the statement.

Manish

Okay, thans for the input.

I didn't do the overload since I didn't think pat was required.

I'm still having the same problem so the running-config and cdp info is pasted below.

Could someone tell me if pat will be required, and if the route that I used is what is causing the problem.

Thanks in advance

Router#sh run
Building configuration...

Current configuration : 1129 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero

ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1 192.168.3.199
ip dhcp excluded-address 192.168.3.241 192.168.3.255
ip dhcp excluded-address 10.10.10.0 10.10.10.100
!
ip dhcp pool 192.168.3.0/24
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
!
ip dhcp pool mypool
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   lease 7
!
!
!
!
!
!
interface FastEthernet0/0

nterface FastEthernet0/0
ip address dhcp
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.10.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
ip http server
ip nat inside source list 1 interface FastEthernet0/0 overload
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
end

Here is the info from the cdp commans:

Router#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
T&C-MDF-4506B>.hccs.edu
                 Fas 0/0            120        R S I      WS-C4506-EGig 2/36


Router#sh cdp neighbors  detail
-------------------------
Device ID: T&C-MDF-4506B>.hccs.edu
Entry address(es):
  IP address: 192.168.179.254
Platform: cisco WS-C4506-E,  Capabilities: Router Switch IGMP
Interface: FastEthernet0/0,  Port ID (outgoing port): GigabitEthernet2/36
Holdtime : 152 sec

Version :
Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500e-ENTSERVICESK9-M),
Version 12.2(52)SG, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Tue 12-May-09 20:15 by prod_rel_team

advertisement version: 2
VTP Management Domain: ''
Native VLAN: 200
Duplex: full
Application: VoIP using vlan 800

I think you need overload since you will be doing a dynamic PAT for all the machines that will need access.

anyway, what you are missing here is access-list 1 that you mentioned in the NAT config.

router(config)# access-list 1 permit 10.10.10.1 0.0.0.255 any

Manish

Hi,

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

This can only work if the next-hop router has proxy-arp enabled.On a multiaccess media always put the next-hop in static routes or

if you want to save a lookup then put the next-hop and the outgoing interface.

So either: ip route 0.0.0.0 0.0.0.0 Fastethernet0/0 192.168.179.254

     or: ip route 0.0.0.0 0.0.0.0 192.168.179.254

Regards.

Alain.

Don't forget to rate helpful posts.

Hi Manish,

The overload keyword is only needed if you specify a pool, for an interface it is automatically added by the IOS in the running.

Regards.

Alain.

Don't forget to rate helpful posts.

Quick question regarding the routes.

Would ip route 0.0.0.0 0.0.0.0 dhcp

accomplish the same thing or am I better off using your suggestion?

Thanks

Chris

Hi,

Would ip route 0.0.0.0 0.0.0.0 dhcp

accomplish the same thing or am I better off using your suggestion?

Yes it would.

Regards.

alain.

Don't forget to rate helpful posts.

Hi all,

A tried entering the route as mentioned and still no internet access.

Running wireshark I had to let it sit for about 90sec before I started getting replies from the switch on woreshark.

Here is my current show run:

Router#sh run
Building configuration...

Current configuration : 1326 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1 192.168.3.199
ip dhcp excluded-address 192.168.3.241 192.168.3.255
ip dhcp excluded-address 10.10.10.0 10.10.10.100
!
ip dhcp pool 192.168.3.0/24
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
!
ip dhcp pool mypool
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   lease 7
!
!
!
!
!
!
interface FastEthernet0/0
description WAN

description WAN
ip address dhcp
ip nat outside
ip nat enable
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip nat enable
duplex auto
speed auto
!
router rip
version 2
network 10.0.0.0
network 192.168.179.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 dhcp
!
ip http server
ip nat inside source list 2 interface FastEthernet0/0 overload
ip nat inside source static 10.10.10.101 10.10.10.254
!
access-list 2 permit 10.10.10.0 0.0.0.255
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
end

I don't know if this will help, but attached is a file from the wireshark capture starting at about 3 min after being connected.  I used ip route 0.0.0.0 0.0.0.0 192.168.179.254 for the route.

Can you post show ip route output  and when you ping from host can you do this:

sh ip nat translation

access-list extended 188  permit icmp any any

do debug ip packet detail 188

do debug ip nat

Regards.

Alain.

Don't forget to rate helpful posts.

Here is the output from the commands you mentioned.  It apears that nat is running correctly.

Router#sh ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- 10.10.10.254       10.10.10.101       ---                ---
tcp 192.168.179.14:37407 10.10.10.109:37407 64.13.115.105:80 64.13.115.105:80
icmp 192.168.179.14:1024 10.10.10.113:1024 192.168.179.254:1024 192.168.179.254:
1024
Router#sh ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- 10.10.10.254       10.10.10.101       ---                ---
tcp 192.168.179.14:37407 10.10.10.109:37407 64.13.115.105:80 64.13.115.105:80
icmp 192.168.179.14:1024 10.10.10.113:1024 192.168.179.254:1024 192.168.179.254:
1024
Router#do debug ip packet detail 188
          ^
% Invalid input detected at '^' marker.

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#do de
Router(config)#do debug ip packet detail 188
IP packet debugging is on (detailed) for access list 188
Router(config)#do debug ip nat
IP NAT debugging is on
Router(config)#
*Mar  5 03:43:57.221: NAT*: s=10.10.10.113->192.168.179.14, d=192.168.179.254 [6
150]
*Mar  5 03:43:57.221: NAT*: s=192.168.179.254, d=192.168.179.14->10.10.10.113 [6
150]
*Mar  5 03:43:58.213: NAT*: s=10.10.10.113->192.168.179.14, d=192.168.179.254 [6
151]
*Mar  5 03:43:58.213: NAT*: s=192.168.179.254, d=192.168.179.14->10.10.10.113 [6
151]
Router(config)#
*Mar  5 03:43:59.213: NAT*: s=10.10.10.113->192.168.179.14, d=192.168.179.254 [6
152]
*Mar  5 03:43:59.213: NAT*: s=192.168.179.254, d=192.168.179.14->10.10.10.113 [6
152]
Router(config)#
*Mar  5 03:44:00.213: NAT*: s=10.10.10.113->192.168.179.14, d=192.168.179.254 [6
153]
*Mar  5 03:44:00.213: NAT*: s=192.168.179.254, d=192.168.179.14->10.10.10.113 [6
153]
Router(config)#
*Mar  5 03:45:00.677: NAT: expiring 192.168.179.14 (10.10.10.113) icmp 1024 (102
4)
Router(config)#