ā10-14-2015 04:16 AM - edited ā03-08-2019 02:12 AM
a friend of mine today bought Cisco 1941 router to replace another older router, The configuration is very simple -> ISP ADSL modem(192.168.2.1) - 1941 router - LAN(192.168.3.0/24)
But i am having a headache since the most basic config is not working. I have looked at other discussions on the forum but they involve NAT and more routing protocols which i do not need to use at this moment, so could some please look at the running config and route table below and advice why it is not working ???
R1(config)#do show run
Building configuration...
Current configuration : 3158 bytes
!
! Last configuration change at 10:36:00 UTC Wed Oct 14 2015 by t
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
cts logging verbose
!
!
!
username tns privilege 15 secret 5 x
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description outside
ip address 192.168.2.2 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description inside
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 192.168.2.1
!
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
password 7 x
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
R1(config)#
And here is my show ip route
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.2.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.2.1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, GigabitEthernet0/0
L 192.168.2.2/32 is directly connected, GigabitEthernet0/0
From the router I can ping 192.168.2.1 and 8.8.8.8 (internet), but from my PC (either connected directly to the interface or through a switch) i can only ping as far as 192.168.2.2 only, not even 192.168.2.1
So what am i missing? This should be a very basic configuration, since i do not have a public ip i didn't think i need NAT, any thoughts ???
Thank you in advance for your advice.
Solved! Go to Solution.
ā10-14-2015 05:33 AM
Okay so my original comment still stands.
Does the ADSL device have a route for the 192.168.3.0/24 subnet ?
In Cisco syntax it would look like -
"ip route 192.168.3.0 255.255.255.0 192.168.2.2"
If you can't add routes to that device then you can use NAT on your router.
Note also that the ADSL router would need to be setup to do NAT for the 192.168.3.0/24 subnet as well.
A lot of those types of modems only do NAT for the directly connected IP subnet ie. 192.168.2.0/24 in your case.
Again, if it can't this can be solved by using NAT on your router.
Jon
ā10-14-2015 05:15 AM
You don't need NAT if the next hop device ie. 192.168.2.1 can add a route for the 192.168.3.0/24 subnet with a next hop IP of 192.168.2.2.
I notice your routing table doesn't show 192.168.3.x, is that because you have not connected a device up ?
Jon
ā10-14-2015 05:23 AM
You are right Jon
Here is the routing table again
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.2.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.2.1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, GigabitEthernet0/0
L 192.168.2.2/32 is directly connected, GigabitEthernet0/0
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.3.0/24 is directly connected, GigabitEthernet0/1
L 192.168.3.1/32 is directly connected, GigabitEthernet0/1
ā10-14-2015 05:33 AM
Okay so my original comment still stands.
Does the ADSL device have a route for the 192.168.3.0/24 subnet ?
In Cisco syntax it would look like -
"ip route 192.168.3.0 255.255.255.0 192.168.2.2"
If you can't add routes to that device then you can use NAT on your router.
Note also that the ADSL router would need to be setup to do NAT for the 192.168.3.0/24 subnet as well.
A lot of those types of modems only do NAT for the directly connected IP subnet ie. 192.168.2.0/24 in your case.
Again, if it can't this can be solved by using NAT on your router.
Jon
ā10-14-2015 07:44 AM
Thanks a lot Jon,
I never thought that private IP range can/should be NATed, This is going to be the lesson of the week for me!!!
For anyone else who stumble upon this while googling, here is the configuration that worked.
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description outside
ip address 192.168.2.2 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description inside
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
!
ip nat inside source list 101 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.2.1
!
!
!
access-list 101 permit ip 192.168.3.0 0.0.0.255 any
!
ā10-14-2015 08:37 AM
Thanks for posting back.
Just to add that you would only do this because of limitations with your modem although it does come up quite often on these forums.
More often than not though you would usually see private IPs being translated to public IPs.
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: