01-04-2013 12:40 AM - edited 03-07-2019 10:53 AM
Hello everyone,
we've to configure our router 1841 to use both 2 interface Fe for two different vlan (also the second has to go on internet).
Actually we have int Fe0/0 configured with an ip address 192.168.1.1 for lan1 192.168.1.0/24 and we will use the second int Fe0/1 with another ip address like 192.168.2.1 for lan2 192.168.2.0/24.
Actually we have a dhcp pool for lan1 and all it's working, see below configuration:
ip dhcp pool LAN1
network 192.168.1.0 255.255.255.0
domain-name xxxxx
default-router 192.168.1.1
dns-server 8.8.8.8
lease 0 4
!
interface FastEthernet0/0
description LAN1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
speed 100
full-duplex
no snmp trap link-status
How can I configure int Fe0/1?
Now I tried toconfigure like int fe0/0 with new dhcp pool lan2. The address is released to my pc but I cannot navigate on internet? Why?
See below for ATM and Dialer configuration:
!
interface ATM0/0/0
bandwidth 2000
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.1 point-to-point
pvc 8/35
vbr-nrt 320 320 1
tx-ring-limit 3
encapsulation aal5mux ppp dialer
dialer pool-member 1
service-policy out VPNPRIORITY
!
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxx
ppp chap password 7 xxxxxxxxxxx
crypto map SDM_CMAP_1
thanks
Alberto
01-04-2013 01:21 AM
Hi,
Simple like this it's not actually different what you've done with f0/0 just change ip address and mask. If you have no Internet access from 192.168.2.0 subnet then you may have forgotten to add NAT for that subnet. DHCP pool the same like for subnet 192.168.1.0/24.
ip dhcp pool LAN2
network 192.168.2.0 255.255.255.0
domain-name xxxxx
default-router 192.168.2.1
dns-server 8.8.8.8
lease 0 4
interface FastEthernet0/1
description LAN2
ip address 192.168.2.1 255.255.255.0
ip nat inside
Can you show NAT configuration?
Hope it will help.
01-04-2013 01:43 AM
Hi,
thanks for the answer, below the nat config (the last row of this ACL is about NAT for Internet):
the others rows are various deny for vpn to our customer.
ip nat inside source route-map SDM_RMAP_17 interface Dialer0 overload
route-map SDM_RMAP_17 permit 1
match ip address 140
last row of ACL 140:
access-list 140 permit ip 192.168.1.0 0.0.0.255 any
Thanks
Alberto
01-04-2013 01:53 AM
Ok, then just add second subnet to ACL in route-map
access-list 140 permit ip 192.168.1.0 0.0.0.255 any
access-list 140 permit ip 192.168.2.0 0.0.0.255 any
Abzal
01-04-2013 02:15 AM
ok, thank you, I will try asap but I think will works.
Alberto
01-04-2013 02:33 AM
Hi
it should work as u didnt had the matching ACL in the route map which is used for nat
Sent from Cisco Technical Support iPhone App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: