Solved: Re: 2610 No Internet Access...

jwood1650 · ‎03-03-2012

I have a Cisoc 2610 connected to my network, 1 Ethernet port and a WIC-2T card. I have ther serial connection to the main router and the ethernet going to the switch. I can ping all device throught the network...but the 2610 can't ping any outside address (no internet connection). I have the internet connection going through my 3745 (which the 2610 is connected to via serial cable). I put a default route into the 2610 but still no luck...please help...

Here are the running configs:

2610:

version 12.3

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Router

!

boot-start-marker

boot system flash

boot-end-marker

!

no logging on

!

no aaa new-model

ip subnet-zero

ip cef

!

ip dhcp pool 192.168.3.1

default-router 192.168.3.1

dns-server 192.168.2.127 192.168.2.128 8.8.8.8

!

username woodjl1650 privilege 15 password 0 henry999

!

interface Ethernet0/0

ip address 192.168.3.1 255.255.255.0

full-duplex

!

interface Serial0/0

ip address 10.0.1.10 255.255.255.252

clock rate 2000000

!

interface Serial0/1

no ip address

shutdown

!

router eigrp 1

network 10.0.0.0

network 192.168.3.0

no auto-summary

!

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0/0

!

snmp-server community public RO

snmp-server community private RW

!

line con 0

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet

!

end

3745:

version 12.4

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname 3745-Internet

!

boot-start-marker

boot system flash:

boot-end-marker

!

no logging buffered

!

aaa new-model

!

aaa authentication login default local

aaa authorization exec default local

!

aaa session-id common

memory-size iomem 25

ip cef

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.2.1 192.168.2.150

!

ip dhcp pool HOME-Network

network 192.168.2.0 255.255.255.0

default-router 192.168.2.1

dns-server 8.8.8.8 8.8.4.4 192.168.2.127 192.168.2.128

!

ip domain name www.jkkcc.com

ip name-server 192.168.2.127

!

multilink bundle-name authenticated

parameter-map type regex sdm-regex-nonascii

pattern [^\x00-\x80]

!

username woodjl1650 privilege 15 password 0 henry999

archive

log config

hidekeys

!

interface FastEthernet0/0

description $FW_OUTSIDE$

ip address dhcp

ip nat outside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

!

interface Serial0/0

description $FW_INSIDE$

ip address 10.0.1.9 255.255.255.252

!

interface FastEthernet0/1

description $FW_INSIDE$

ip address 192.168.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

!

interface Serial0/1

description $FW_INSIDE$

ip address 10.0.1.5 255.255.255.252

clock rate 2000000

!

router eigrp 1

network 10.0.0.0

network 192.168.0.0

network 192.168.2.0

no auto-summary

!

ip http server

ip http authentication local

no ip http secure-server

ip nat inside source list 15 interface FastEthernet0/0 overload

ip nat inside source static tcp 192.168.2.128 80 interface FastEthernet0/0 80

ip nat inside source static tcp 192.168.2.128 25 interface FastEthernet0/0 25

!

access-list 15 permit 192.168.2.0 0.0.0.255

snmp-server community public RO

snmp-server community private RW

snmp-server enable traps tty

!

control-plane

!

line con 0

line aux 0

line vty 0 4

privilege level 15

transport input telnet

!

webvpn cef

!

end

Henrik Grankvist · ‎03-03-2012

Add the default route on the 3745 router:

3745-Internet(config)# ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

And add:

access-list 15 permit 192.168.2.0 0.0.0.255

access-list 15 permit 192.168.3.0 0.0.0.255

access-list 15 permit 10.0.1.4 0.0.0.3 (if you want the 2610 router itself to reach the internet)

View solution in original post

pjmonline · ‎03-03-2012

Looks like the 3745 has no ip route statement for the ip subnet on the 2610. Add that and see what you get. You may also have to add a ip nat statement for that subnet as well.

HTH

Sent from Cisco Technical Support iPhone App

jwood1650 · ‎03-03-2012

Sorry still kinda learning, what would that statement look like?

viswamin · ‎03-03-2012

From the config it looks like the L3 switch 3745 is performing the NAT.

The outside interface is fa0/0 which obtains an IP address from the pool configured on the switch or on the router...which could be either 192.168.2.X or 192.168.3.X.

Both these addresses are in the private range so i dont think that can be used to route the traffic to the internet. are you performing natting somewhere outside?

-Vijay

jwood1650 · ‎03-03-2012

Yes the 3745 is getting the IP address from the ISP on the FE0/0 port. FE0/1 is connected to my switch and all PC's on that switch have internet access (from the 192.168.2.0 network). I have a 2610 connected via serial from the 3745 which I have one PC and 5 IP camera connected to... I can ping all devices, but can't access the internet from the 2610 router...No other NATTING is configured except for the 3745...

viswamin · ‎03-03-2012

if I'm not wrong, since 2610 is connected to 3745 via serial I would hope that the serial interface should also have to be configured as "ip nat inside" since the PC's attached to the router would be having an ip on the private range.

-Vijay

jwood1650 · ‎03-03-2012

No the 2610 serial interface does not have NAT....I just added the ip nat inside on the serial interface, do I need to do it for the ethernet one as well? Should that solve the problem?

viswamin · ‎03-03-2012

Sorry I wasn't clear..

I meant the Serial interface of the Switch should be configured with "ip nat inside" so that the traffic coming on this interface (typically I would assume it should be also be in private range) would also have to get natted .

I'm still a beginner. so I would let experts to confirm.

-Vijay

jwood1650 · ‎03-03-2012

I dont have a serial interface on my switch, just the routers....

jwood1650 · ‎03-03-2012

Alright this is what I have now:

and still no internet access on the 2610...

2610

version 12.3

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Router

!

boot-start-marker

boot system flash

boot-end-marker

!

no logging on

!

no aaa new-model

ip subnet-zero

ip cef

!

ip dhcp pool 192.168.3.1

default-router 192.168.3.1

dns-server 192.168.2.127 192.168.2.128 8.8.8.8

!

username woodjl1650 privilege 15 password 0 henry999

!

interface Ethernet0/0

ip address 192.168.3.1 255.255.255.0

full-duplex

!

interface Serial0/0

ip address 10.0.1.10 255.255.255.252

clock rate 2000000

!

interface Serial0/1

no ip address

shutdown

!

router eigrp 1

network 10.0.0.0

network 192.168.3.0

no auto-summary

!

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.1.9

!

snmp-server community public RO

snmp-server community private RW

!

line con 0

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet

!

end

3745

version 12.4

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname 3745-Internet

!

boot-start-marker

boot system flash:

boot-end-marker

!

no logging buffered

!

aaa new-model

!

aaa authentication login default local

aaa authorization exec default local

!

aaa session-id common

memory-size iomem 25

ip cef

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.2.1 192.168.2.150

!

ip dhcp pool HOME-Network

network 192.168.2.0 255.255.255.0

default-router 192.168.2.1

dns-server 8.8.8.8 8.8.4.4 192.168.2.127 192.168.2.128

!

ip domain name www.jkkcc.com

ip name-server 192.168.2.127

!

multilink bundle-name authenticated

parameter-map type regex sdm-regex-nonascii

pattern [^\x00-\x80]

!

username woodjl1650 privilege 15 password 0 henry999