I'm trying to change my office's router (a D-Link) for a Cisco 1841.
The current router works for internet access but I need to do some new things which are too tricky to achieve on D-Link's user interface.
The network diagram is attached.
I need to assign the local server as our DHCP & DNS server.
So, I have been testing and trying to give LAN access to the internet with the following configuration:
Current configuration : 1173 bytes
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip dhcp use vrf connected
ip dhcp pool OFFICE
ip address 192.168.0.3 255.255.255.0
ip nat inside
ip address 22.214.171.124 255.255.0.0
ip nat outside
no ip address
no ip address
ip http server
ip nat pool ISP 126.96.36.199 188.8.131.52 prefix-length 24
ip nat inside source list 1 pool ISP
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 101 permit icmp 192.168.0.0 0.0.0.255 any echo-reply
access-list 101 permit ip any any
line con 0
line aux 0
line vty 0 4
But so far, It hasn't worked.
I can't even receive any ping responses from f0/0.
What really worries me it's the fact that I know this should be a very easy set-up.
What am I doing wrong?
Thanks in advance.
Solved! Go to Solution.
Are you saying you cannot ping 192.168.0.3 from a device on your 192.168.0.x network ?
If so have you verified the subnet masks of the devices on the 192.168.0.x clients ?
What model is the switch and how is it configured ?
Can you also do a "sh ip int brief" on the router to check the interfaces are up.
Answering your questions:
1.- I just tried again to ping the 192.168.0.3 ip and this time it worked (I suppose I have to wait a little longer for the configuration to take effect).
2.- The switch is an AVAYA P134G2 and to tell you the truth, I don't have an idea of how it is configured. (but internet access works perfect with the D-Link router).
3.- I just did "sh ip int brief" and the two interfaces were "up and up".
Still no internet access...
Thanks for answering.
Okay, well that's progress
You do not have default-route on your router so you need to add -
route 0.0.0.0 0.0.0.0
can you add that and see if you can -
1) ping fa0/1 interface on your router from a 192.168.0.x client
2) see if you can ping the ISP next-hop
if you can't do 2) can you make sure you can ping the ISP next-hop from your router.
Note also that if you have setup an internal DNS server for clients this DNS server needs to know how to get to DNS internet servers otherwise when you enter URLs for example in your web browser it won't work. Have you setup the DNS server to forward DNS queries to your ISP DNS servers ?
One more thing:
I just noticed that when I connect the 1841 to the ISP router, "FDX" and "100" status LEDs don't turn on.
Could it be a speed conection related issue?
Regarding your last response:
My ISP doesn't give any next-hop address, I have asked for it in the past.
They just gave me my range of valid IP addresses and that's it.
Our current router doesn't have any next-hop ip address configured and it works for internet access.
Is it mandatory to configure it that way?
Well, now I see...
It's a DNS issue.
I manually configure the primary and secondary DNS servers ip addresses and now I have internet access.
Questions now are:
1.- Why my configuration is not accepting my DNS servers automaticaly?
2.- Should I leave the default route "ip route 0.0.0.0 0.0.0.0 fa0/1" the same way?
1) Not sure what you mean. If you have a DNS server internally then you should add the ISP DNS servers as DNS forwarders.
Or are you trying you trying to add them to the router. In fact i'm not sure what this config on the router is for ?
ip dhcp pool OFFICE
2) You can but using an interface as the next-hop but it means with ethernet there will be excessive arp queries from that router. If at all possible you should use an IP as the next-hop.
Here's what I have tested:
If I manually set my ISP DNS servers on my hosts, I have access to the internet but no access to our intranet.
If I manually set my primary DNS server as our local DNS server and my primary ISP DNS server as secondary, I have access to both.
What I wanted to do with the "ip dhcp pool OFFICE..." was to assign or point to our local server in order to use it as our DHCP & DNS server.
Isn't that configuration necessary?
I don't know how to assign a local DHCP server within Cisco IOS.
I haven't found any commands for that.
This is getting more interesting every time:
Indeed, I do have access to the internet now but:
1.- Only from my PC and my test Laptop. Every other host on LAN is not able to connect to the internet even though I'm able to ping from each of them to the f0/0 of the router, our local server and between hosts.
2.- I have to manually set primary and secondary DNS servers in my PC and test Laptop in order to get it working.
Is there a reasonable explanation for that?
Now I'm at a loss...
Fron what i can see it's all the same issue. You need to make sure the clients have DNS servers.
You either need to add these DNS servers that work to the DHCP config on your server or if you use an internal IP as the DNS server then that server needs to have the ISP DNS servers added.
You need to choose whether you want an internal DNS server which is queried for all requests or whether you want to use the ISP DNS servers on the clients.
Without one of the above 2 options clients will not be able to connect to URLs which you enter in your web browser.