1941W (or any ISR G2 Router) with 4esg ethernet configuration example

dbrockma · ‎02-26-2012

I have a very simple setup I am trying to get with my 1941W.

Gig0/0 is my WAN port tied to a Comcast Business connection - No issues

Gig0/1 is my internal LAN connection, private IP, dhcp - No issues

Gig0/1 is connected to a 24 port PoE switch via ethernet cable.

The switch connects to a Linksys E4200V2.

What I want to do is get rid of my big PoE switch (which is powering one phone) and my Linksys E4200v2 and use just the 1941W.

<mini-rant-on>

OK, I guess I am old school and like it when a router is a router and a switch is a switch.....

Unfortunately there is, from what I can tell, a complete lack of configuration examples. I found many snippets and one entire configuration complete with ppt slides that does not actually work with the 1941W I have (the example shows Interface Gigabit0, while my 1941W has them listed as interface Gigabit0/0)

And I HATE asking for help. I would much rather find a few working examples, read about any command I don't know about, and muddle through getting something to work: It may not be secure or the 'best' way to do it, but they did work.

<mini-rant-off>

So, in my current setup everything is working:

Comcast Cable Gateway--->Static IP<--- Gig0/0 1941W--- 1941W Gig0/1 dhcp pool---PoE switch-------------Linksys E4200v2

|---------------------PoE phone

|------------computer, print server, etc.

And obviously I want the following:

Comcast Cable Gateway--->Static IP<--- Gig0/0 1941W----Gig0/1, Gig0/0/0 to Gig0/0/3--dhcp pool1----------->>>> to wired devices.

1941W---wlan-gig0/0----accesspoint-------------------------------->>>> to wireless devices.

I would prefer to have my wireless and wired links share one DHCP pool, but they do not have to. At this point I would take anything I can get. I do have a working AP configuration from work that connects the AP to devices using WAP, allocating DHCP from a second DHCP pool but can't get the wireless to route outside the box.

I thought it was as simple as assigning a VLAN with a DHCP pool to the 4esg ethernet ports, but that does not quite work. A computer plugged directly into 4esg port gig0/0/0 does correctly obtain a DHCP IP address, but it will not ping anywhere outside the local network. In this case the computer can ping 172.20.40.1, the gig0/1 interface or any other IP on that network, but not anything outside. Interesting enough, if I do an extended ping from 172.20.40.1 I CAN ping outside locations from the inside nat interface of the router.

Do I have to do routing table profiles or something? I am very appreciatve of any help and will gladly give you login to my router....

---------------------------------------1941W----------------------- TESTING CONFIG

Router#sh run
Building configuration...

Current configuration : 2595 bytes
!
! Last configuration change at 00:52:02 UTC Mon Feb 27 2012
! NVRAM config last updated at 00:52:18 UTC Mon Feb 27 2012
! NVRAM config last updated at 00:52:18 UTC Mon Feb 27 2012
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 9999999
no logging console
enable secret 5 password gone for security
enable password password gone for security
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
no ipv6 cef
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 172.20.40.1 172.20.40.100
!
ip dhcp pool pool1
network 172.20.40.0 255.255.255.0
default-router 172.20.40.1
option 150 ip 76.204.73.242
dns-server 68.94.157.1
!
!
ip cef
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO1941W-A/K9 sn FTX15240336
hw-module ism 0
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address

!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/ex0$
ip address 173.8.181.225 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
no ip address
arp timeout 0
no mop enabled
no mop sysid
!
interface GigabitEthernet0/1
ip address 172.20.40.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Wlan-GigabitEthernet0/0
description Internal switch interface connecting to the embedded AP
no ip address
!
interface GigabitEthernet0/0/0
no ip address
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1

ip address pool pool1
!
ip default-gateway 173.8.181.230
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 173.8.181.230
!
access-list 1 permit 172.20.40.0 0.0.0.255
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
password password gone for security
login
transport input all
transport output all
!
scheduler allocate 20000 1000
!
end

Router#66.150.155.194

cadet alain · ‎02-27-2012

Hi,

Interesting enough, if I do an extended ping from 172.20.40.1 I CAN ping outside locations from the inside nat interface of the router.

This means routing and NAT are working.

Can you provide output of host routing table and IP configuration and also the result of a traceroute to 8.8.8.8 from the host.

Regards.

Alain

Don't forget to rate helpful posts.