Solved: Setting up a Router for Broadband internet connectivity

okoroji80 · ‎11-05-2012

Dear All,

I would like to know if using the following command can connect my network to the internet:

ip route 0.0.0.0 0.0.0.0 Fast ethernet 0/3

ip dhcp pool

Network 192.168.10.0 255.255.255.0

default-router 192.168.10.1

Jude.

blau grana · ‎11-06-2012

here is some basic config which should work, you can add some ZBFW, ACLs, port forward....customize config whatever you like

ip dhcp pool LAN_POOL

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

dns-server ???

lease 0 8

spanning-tree vlan 10 priority 4096

interface FastEthernet0

description LAN

switchport access vlan 10

interface FastEthernet1

description LAN

switchport access vlan 10

interface FastEthernet2

description LAN

switchport access vlan 10

interface FastEthernet3

description LAN

switchport access vlan 10

interface FastEthernet4

description INTERNET

ip address 197.255.52.91 255.255.255.252

ip nat outside

interface Vlan10

description LAN

ip address 192.168.1.1 255.255.255.0

ip verify unicast reverse-path

ip nat inside

! default route

ip route 0.0.0.0 0.0.0.0 197.255.52.87

! deny RFC1918

ip route 10.0.0.0 255.0.0.0 Null0

ip route 172.16.0.0 255.240.0.0 Null0

ip route 192.168.0.0 255.255.0.0 Null0

! NAT

ip nat inside source list LAN_NAT_POLICY interface FastEthernet4 overload

ip access-list extended LAN_NAT_POLICY

deny ip 192.168.1.0 0.255.255.255 192.168.1.0 0.255.255.255

permit ip 192.168.1.0 0.255.255.255 any

Best Regards Please rate all helpful posts and close solved questions

View solution in original post

blau grana · ‎11-05-2012

Hi Jude

regarding static default route, i recommend you to read:

https://supportforums.cisco.com/docs/DOC-27825

and

http://blog.ioshints.info/2009/10/my-stupid-moments-interface-default.html

http://blog.ioshints.info/2009/10/follow-up-interface-default-route.html

you need to give a name to pool when configuring dhcp pool.

Also we need to know some more information to know for sure if your config will be working.

f.e. IP of LAN/WAN interface, NAT configuration, ISP IP address....

Best Regards Please rate all helpful posts and close solved questions

okoroji80 · ‎11-06-2012

I could not settup an IP Address on any of the interfaces except FA4

I did not settup any NAT yet, what i don't settup any would the config not work ?

ISP IP ADD:

197.255.52.91

255.255.255.255.252

197.255.52.87-default gateway

Let me the steps in setting up the NAT.

Thanks

skype:judeokoroji

blau grana · ‎11-06-2012

here is some basic config which should work, you can add some ZBFW, ACLs, port forward....customize config whatever you like

ip dhcp pool LAN_POOL

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

dns-server ???

lease 0 8

spanning-tree vlan 10 priority 4096

interface FastEthernet0

description LAN

switchport access vlan 10

interface FastEthernet1

description LAN

switchport access vlan 10

interface FastEthernet2

description LAN

switchport access vlan 10

interface FastEthernet3

description LAN

switchport access vlan 10

interface FastEthernet4

description INTERNET

ip address 197.255.52.91 255.255.255.252

ip nat outside

interface Vlan10

description LAN

ip address 192.168.1.1 255.255.255.0

ip verify unicast reverse-path

ip nat inside

! default route

ip route 0.0.0.0 0.0.0.0 197.255.52.87

! deny RFC1918

ip route 10.0.0.0 255.0.0.0 Null0

ip route 172.16.0.0 255.240.0.0 Null0

ip route 192.168.0.0 255.255.0.0 Null0

! NAT

ip nat inside source list LAN_NAT_POLICY interface FastEthernet4 overload

ip access-list extended LAN_NAT_POLICY

deny ip 192.168.1.0 0.255.255.255 192.168.1.0 0.255.255.255

permit ip 192.168.1.0 0.255.255.255 any

Best Regards Please rate all helpful posts and close solved questions

blau grana · ‎11-06-2012

Now I noticed that IP addresses which you wrote are not valid.

197.255.52.91

255.255.255.255.252

197.255.52.87-default gateway

197.255.52.91/30 - is broadcast for subnet 197.255.52.88

GW 197.255.52.87 is on different subnet and also it is broadcast for previous /30 subnet

So I recommend to double-check these IPs with your ISP.

Best Regards Please rate all helpful posts and close solved questions

okoroji80 · ‎11-13-2012

Thanks all the solutions worked

okoroji80 · ‎11-14-2012

The config worked perfectly .

However i have need to connect WAP4410N to connect to the Router.

what do i need to change on the LAN port to achieve POE connection on the ACCESS Point

Muhammad Thanveer · ‎11-14-2012

model of the router please?

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Muhammad Thanveer · ‎11-14-2012

Hi Jude,

Here is some info for you.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_44_se/configuration/note/ol14988.html#wp1028613

Catalyst 2960 PoE-capable switch ports automatically supply power to these connected devices if the switch senses that there is no power on the circuit:

•Cisco prestandard powered devices (such as Cisco IP Phones and Cisco Aironet access points)

•IEEE 802.3af-compliant powered devices

The Catalyst 2960-24PC provides 24 10/100 PoE ports that can supply up to 15.4 W of power each, up to a maximum switch power output of 370 W. The Catalyst 2960 -24LT provides 24 10/100 ports, 8 of which are PoE ports that can supply up to 15.4 W of power each.

A powered device can receive redundant power when it is connected to a PoE switch port and to an AC power source. The powered device might be reset upon switching power sources.

	Command	Purpose
Step 1	configure terminal	Enter global configuration mode.
Step 2	interface interface-id	Specify the physical port to be configured, and enter interface configuration mode.
Step 3	power inline {auto [max max-wattage] \| never \| static [max max-wattage]}	Configure the PoE mode on the port. The keywords have these meanings: •auto—Enable powered-device detection. If enough power is available, automatically allocate power to the PoE port after device detection. This is the default setting. •(Optional) max max-wattage—Limit the power allowed on the port. The range is 4000 to 15400 milliwatts. If no value is specified, the maximum is allowed (15400 milliwatts). •never—Disable device detection, and disable power to the port. Note If a port has a Cisco powered device connected to it, do not use the power inline never command to configure the port. A false link-up can occur, placing the port into an error-disabled state. •static—Enable powered-device detection. Pre-allocate (reserve) power for a port before the switch discovers the powered device. The switch reserves power for this port even when no device is connected and guarantees that power will be provided upon device detection. The switch allocates power to a port configured in static mode before it allocates power to a port configured in auto mode.
Step 4	end	Return to privileged EXEC mode.
Step 5	show power inline [interface-id]	Display PoE status for a switch or for the specified interface.
Step 6	copy running-config startup-config	(Optional) Save your entries in the configuration

Please rate helpful posts

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Muhammad Thanveer · ‎11-06-2012

Hi,

197.255.52.91 255.255.255.255.252, in this network valid hosts are 197.255.52.89 and 197.255.52.90

network id 197.255.52.88 and broadcast id is 197.255.52.91

valid hosts are 197.255.52.89 and 197.255.52.90

197.255.52.87-default gateway

if this is 197.255.52.87/29

valid hosts are 197.255.52.85 and 197.255.52.86

network id 197.255.52.84

broadcast id is 197.255.52.87

Ask your Isp to guide which IP to be asigned on your interface and ask him to provide you the ip for doing a default route

i.e.., next hop.

ip route 0.0.0.0 0.0.0.0 next hop ip address

in this scenario you need not to do any kind of natting.

What is the device you are using for this network.

for providing you better solution please provide which device you are using and what is the ios version.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

cadet alain · ‎11-06-2012

Hi,

for NAT:

-configure a ACL permitting the 192.168.10.0/24 network

-configure ip nat outside on WAN facing interface

-configure ip nat inside on LAN facing interface

-configure NAT overload: ip nat inside source list xx interface x/x

where list xx references the ACL and the interface is WAN facing interface

Regards.

Alain

Don't forget to rate helpful posts.

Muhammad Thanveer · ‎11-06-2012

Hi Jude,

As said by Cadet and blau you can do natting

some example scenario:

interface fas 0/0

description LAN

ip address 192.168.1.0 255.255.255.0.

ip nat inside

interface FastEthernet0/1
description Internet
ip address a.b.c.d 255.255.255.252 (isp provided ip)
ip nat outside

ip route 0.0.0.0 0.0.0.0 a.b.c.d (isp side ip address)

ip access-list extended LAN_NAT_POLICY

deny ip 192.168.1.0 0.255.255.255 192.168.1.0 0.255.255.255

permit ip 192.168.1.0 0.255.255.255 any

ip nat inside source list LAN_NAT_POLICY interface FastEthernet0/1 overload

Please remember to rate all helpful posts.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."