11-05-2012 06:06 AM - edited 03-04-2019 06:03 PM
Dear All,
I would like to know if using the following command can connect my network to the internet:
ip route 0.0.0.0 0.0.0.0 Fast ethernet 0/3
ip dhcp pool
Network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
Jude.
Solved! Go to Solution.
11-06-2012 01:45 AM
here is some basic config which should work, you can add some ZBFW, ACLs, port forward....customize config whatever you like
ip dhcp pool LAN_POOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server ???
lease 0 8
spanning-tree vlan 10 priority 4096
interface FastEthernet0
description LAN
switchport access vlan 10
interface FastEthernet1
description LAN
switchport access vlan 10
interface FastEthernet2
description LAN
switchport access vlan 10
interface FastEthernet3
description LAN
switchport access vlan 10
interface FastEthernet4
description INTERNET
ip address 197.255.52.91 255.255.255.252
ip nat outside
interface Vlan10
description LAN
ip address 192.168.1.1 255.255.255.0
ip verify unicast reverse-path
ip nat inside
! default route
ip route 0.0.0.0 0.0.0.0 197.255.52.87
! deny RFC1918
ip route 10.0.0.0 255.0.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
ip route 192.168.0.0 255.255.0.0 Null0
! NAT
ip nat inside source list LAN_NAT_POLICY interface FastEthernet4 overload
ip access-list extended LAN_NAT_POLICY
deny ip 192.168.1.0 0.255.255.255 192.168.1.0 0.255.255.255
permit ip 192.168.1.0 0.255.255.255 any
11-05-2012 06:43 AM
Hi Jude
regarding static default route, i recommend you to read:
https://supportforums.cisco.com/docs/DOC-27825
and
http://blog.ioshints.info/2009/10/my-stupid-moments-interface-default.html
http://blog.ioshints.info/2009/10/follow-up-interface-default-route.html
you need to give a name to pool when configuring dhcp pool.
Also we need to know some more information to know for sure if your config will be working.
f.e. IP of LAN/WAN interface, NAT configuration, ISP IP address....
11-06-2012 12:53 AM
I could not settup an IP Address on any of the interfaces except FA4
I did not settup any NAT yet, what i don't settup any would the config not work ?
ISP IP ADD:
197.255.52.91
255.255.255.255.252
197.255.52.87-default gateway
Let me the steps in setting up the NAT.
Thanks
skype:judeokoroji
11-06-2012 01:45 AM
here is some basic config which should work, you can add some ZBFW, ACLs, port forward....customize config whatever you like
ip dhcp pool LAN_POOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server ???
lease 0 8
spanning-tree vlan 10 priority 4096
interface FastEthernet0
description LAN
switchport access vlan 10
interface FastEthernet1
description LAN
switchport access vlan 10
interface FastEthernet2
description LAN
switchport access vlan 10
interface FastEthernet3
description LAN
switchport access vlan 10
interface FastEthernet4
description INTERNET
ip address 197.255.52.91 255.255.255.252
ip nat outside
interface Vlan10
description LAN
ip address 192.168.1.1 255.255.255.0
ip verify unicast reverse-path
ip nat inside
! default route
ip route 0.0.0.0 0.0.0.0 197.255.52.87
! deny RFC1918
ip route 10.0.0.0 255.0.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
ip route 192.168.0.0 255.255.0.0 Null0
! NAT
ip nat inside source list LAN_NAT_POLICY interface FastEthernet4 overload
ip access-list extended LAN_NAT_POLICY
deny ip 192.168.1.0 0.255.255.255 192.168.1.0 0.255.255.255
permit ip 192.168.1.0 0.255.255.255 any
11-06-2012 01:56 AM
Now I noticed that IP addresses which you wrote are not valid.
197.255.52.91
255.255.255.255.252
197.255.52.87-default gateway
197.255.52.91/30 - is broadcast for subnet 197.255.52.88
GW 197.255.52.87 is on different subnet and also it is broadcast for previous /30 subnet
So I recommend to double-check these IPs with your ISP.
11-13-2012 09:36 AM
Thanks all the solutions worked
11-14-2012 08:19 AM
The config worked perfectly .
However i have need to connect WAP4410N to connect to the Router.
what do i need to change on the LAN port to achieve POE connection on the ACCESS Point
11-14-2012 11:03 AM
model of the router please?
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
11-14-2012 11:09 AM
Hi Jude,
Here is some info for you.
Catalyst 2960 PoE-capable switch ports automatically supply power to these connected devices if the switch senses that there is no power on the circuit:
•Cisco prestandard powered devices (such as Cisco IP Phones and Cisco Aironet access points)
•IEEE 802.3af-compliant powered devices
The Catalyst 2960-24PC provides 24 10/100 PoE ports that can supply up to 15.4 W of power each, up to a maximum switch power output of 370 W. The Catalyst 2960 -24LT provides 24 10/100 ports, 8 of which are PoE ports that can supply up to 15.4 W of power each.
A powered device can receive redundant power when it is connected to a PoE switch port and to an AC power source. The powered device might be reset upon switching power sources.
Please rate helpful posts
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
11-06-2012 01:56 AM
Hi,
197.255.52.91 255.255.255.255.252, in this network valid hosts are 197.255.52.89 and 197.255.52.90
network id 197.255.52.88 and broadcast id is 197.255.52.91
valid hosts are 197.255.52.89 and 197.255.52.90
197.255.52.87-default gateway
if this is 197.255.52.87/29
valid hosts are 197.255.52.85 and 197.255.52.86
network id 197.255.52.84
broadcast id is 197.255.52.87
Ask your Isp to guide which IP to be asigned on your interface and ask him to provide you the ip for doing a default route
i.e.., next hop.
ip route 0.0.0.0 0.0.0.0 next hop ip address
in this scenario you need not to do any kind of natting.
What is the device you are using for this network.
for providing you better solution please provide which device you are using and what is the ios version.
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
11-06-2012 02:13 AM
Hi,
for NAT:
-configure a ACL permitting the 192.168.10.0/24 network
-configure ip nat outside on WAN facing interface
-configure ip nat inside on LAN facing interface
-configure NAT overload: ip nat inside source list xx interface x/x
where list xx references the ACL and the interface is WAN facing interface
Regards.
Alain
Don't forget to rate helpful posts.
11-06-2012 02:24 AM
Hi Jude,
As said by Cadet and blau you can do natting
some example scenario:
interface fas 0/0
description LAN
ip address 192.168.1.0 255.255.255.0.
ip nat inside
interface FastEthernet0/1
description Internet
ip address a.b.c.d 255.255.255.252 (isp provided ip)
ip nat outside
ip route 0.0.0.0 0.0.0.0 a.b.c.d (isp side ip address)
ip access-list extended LAN_NAT_POLICY
deny ip 192.168.1.0 0.255.255.255 192.168.1.0 0.255.255.255
permit ip 192.168.1.0 0.255.255.255 any
ip nat inside source list LAN_NAT_POLICY interface FastEthernet0/1 overload
Please remember to rate all helpful posts.
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide